diff options
Diffstat (limited to 'test/results/gnutella.pcap.out')
| -rw-r--r-- | test/results/gnutella.pcap.out | 2914 |
1 files changed, 1457 insertions, 1457 deletions
diff --git a/test/results/gnutella.pcap.out b/test/results/gnutella.pcap.out index f5329d69f..f2b6c7c46 100644 --- a/test/results/gnutella.pcap.out +++ b/test/results/gnutella.pcap.out @@ -3,58 +3,58 @@ 00260{"packet_event_id":1,"packet_event_name":"packet","packet_id":1,"source":"gnutella.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":4,"pkt_type":0,"pkt_l3_offset":0,"pkt_l4_offset":0,"pkt_len":4,"pkt_l4_len":0,"thread_ts_usec":22,"pkt":"AAAAAA=="} 00683{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":9752391,"flow_src_last_pkt_time":9752391,"flow_dst_last_pkt_time":9752391,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":9752391,"l3_proto":"ip6","src_ip":"::","dst_ip":"ff02::1:ffa4:e108","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3} 00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":9752391,"flow_dst_last_pkt_time":9752391,"flow_idle_time":140000000,"pkt_oversize":false,"pkt_caplen":78,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":78,"pkt_l4_len":24,"thread_ts_usec":9752391,"pkt":"MzP\/pOEICAAn5uVZht1gAAAAABg6\/wAAAAAAAAAAAAAAAAAAAAD\/AgAAAAAAAAAAAAH\/pOEIhwAMIAAAAAD+gAAAAAAAAMUNUZ+WpOEI"} -00792{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":9752391,"flow_src_last_pkt_time":9752391,"flow_dst_last_pkt_time":9752391,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":9752391,"l3_proto":"ip6","src_ip":"::","dst_ip":"ff02::1:ffa4:e108","l4_proto":"icmp6","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00835{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":9752391,"flow_src_last_pkt_time":9752391,"flow_dst_last_pkt_time":9752391,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":9752391,"l3_proto":"ip6","src_ip":"::","dst_ip":"ff02::1:ffa4:e108","l4_proto":"icmp6","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00693{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":9752466,"flow_src_last_pkt_time":9752466,"flow_dst_last_pkt_time":9752466,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":8,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":8,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":9752466,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::2","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3} 00495{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":9752466,"flow_dst_last_pkt_time":9752466,"flow_idle_time":140000000,"pkt_oversize":false,"pkt_caplen":62,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":62,"pkt_l4_len":8,"thread_ts_usec":9752466,"pkt":"MzMAAAACCAAn5uVZht1gAAAAAAg6\/\/6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAAChQDu3AAAAAA="} -00802{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":9752466,"flow_src_last_pkt_time":9752466,"flow_dst_last_pkt_time":9752466,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":8,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":8,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":9752466,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::2","l4_proto":"icmp6","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00845{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":9752466,"flow_src_last_pkt_time":9752466,"flow_dst_last_pkt_time":9752466,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":8,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":8,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":9752466,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::2","l4_proto":"icmp6","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00697{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":4,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":9752486,"flow_src_last_pkt_time":9752486,"flow_dst_last_pkt_time":9752486,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":9752486,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::16","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3} 00532{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_src_last_pkt_time":9752486,"flow_dst_last_pkt_time":9752486,"flow_idle_time":140000000,"pkt_oversize":false,"pkt_caplen":90,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":62,"pkt_len":90,"pkt_l4_len":28,"thread_ts_usec":9752486,"pkt":"MzMAAAAWCAAn5uVZht1gAAAAACQAAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAAWOgAFAgAAAQCPAAECAAAAAQQAAAD\/AgAAAAAAAAAAAAH\/pOEI"} -00806{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":4,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":9752486,"flow_src_last_pkt_time":9752486,"flow_dst_last_pkt_time":9752486,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":9752486,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::16","l4_proto":"icmp6","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00849{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":4,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":9752486,"flow_src_last_pkt_time":9752486,"flow_dst_last_pkt_time":9752486,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":9752486,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::16","l4_proto":"icmp6","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00534{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_src_last_pkt_time":10250425,"flow_dst_last_pkt_time":9752486,"flow_idle_time":140000000,"pkt_oversize":false,"pkt_caplen":90,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":62,"pkt_len":90,"pkt_l4_len":28,"thread_ts_usec":10250425,"pkt":"MzMAAAAWCAAn5uVZht1gAAAAACQAAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAAWOgAFAgAAAQCPAAECAAAAAQQAAAD\/AgAAAAAAAAAAAAH\/pOEI"} 00700{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":6,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":10750507,"flow_src_last_pkt_time":10750507,"flow_dst_last_pkt_time":10750507,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":10750507,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3} 00531{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_src_last_pkt_time":10750507,"flow_dst_last_pkt_time":10750507,"flow_idle_time":140000000,"pkt_oversize":false,"pkt_caplen":86,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":86,"pkt_l4_len":32,"thread_ts_usec":10750507,"pkt":"MzMAAAABCAAn5uVZht1gAAAAACA6\/\/6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAABiAAnqSAAAAD+gAAAAAAAAMUNUZ+WpOEIAgEIACfm5Vk="} -00809{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":6,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":10750507,"flow_src_last_pkt_time":10750507,"flow_dst_last_pkt_time":10750507,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":10750507,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1","l4_proto":"icmp6","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00852{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":6,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":10750507,"flow_src_last_pkt_time":10750507,"flow_dst_last_pkt_time":10750507,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":10750507,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1","l4_proto":"icmp6","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00719{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":7,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12446804,"flow_src_last_pkt_time":12446804,"flow_dst_last_pkt_time":12446804,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":314,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":314,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":314,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12446804,"l3_proto":"ip4","src_ip":"0.0.0.0","dst_ip":"255.255.255.255","src_port":68,"dst_port":67,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00904{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":5,"flow_packet_id":1,"flow_src_last_pkt_time":12446804,"flow_dst_last_pkt_time":12446804,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":356,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":356,"pkt_l4_len":322,"thread_ts_usec":12446804,"pkt":"\/\/\/\/\/\/\/\/CAAn5uVZCABFAAFWW8sAAIAR3cwAAAAA\/\/\/\/\/wBEAEMBQgLkAQEGAKZ4S30AAAAAAAAAAAAAAAAAAAAAAAAAAAgAJ+blWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABjglNjNQEDPQcBCAAn5uVZMgQKAAIPDAtNU0VER0VXSU4xMFEOAAAATVNFREdFV0lOMTA8CE1TRlQgNS4wNw4BAwYPHyErLC4vd3n5\/P8="} -00944{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":7,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12446804,"flow_src_last_pkt_time":12446804,"flow_dst_last_pkt_time":12446804,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":314,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":314,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":314,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12446804,"l3_proto":"ip4","src_ip":"0.0.0.0","dst_ip":"255.255.255.255","src_port":68,"dst_port":67,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"msedgewin10","dhcp": {"fingerprint":"1,3,6,15,31,33,43,44,46,47,119,121,249,252","class_ident":"MSFT 5.0"}}} +00987{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":7,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12446804,"flow_src_last_pkt_time":12446804,"flow_dst_last_pkt_time":12446804,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":314,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":314,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":314,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12446804,"l3_proto":"ip4","src_ip":"0.0.0.0","dst_ip":"255.255.255.255","src_port":68,"dst_port":67,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"msedgewin10","dhcp": {"fingerprint":"1,3,6,15,31,33,43,44,46,47,119,121,249,252","class_ident":"MSFT 5.0"}}} 00714{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":8,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12447076,"flow_src_last_pkt_time":12447076,"flow_dst_last_pkt_time":12447076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":548,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":548,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":548,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12447076,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","src_port":67,"dst_port":68,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 01206{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":8,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":1,"flow_src_last_pkt_time":12447076,"flow_dst_last_pkt_time":12447076,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":590,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":590,"pkt_l4_len":556,"thread_ts_usec":12447076,"pkt":"CAAn5uVZUlQAEjUCCABFEAJAAAAAAEARYI0KAAICCgACDwBDAEQCLAYSAgEGAKZ4S30AAAAACgACDwoAAg8KAAIEAAAAAAgAJ+blWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATVNFZGdlIC0gV2luMTAucHhlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABjglNjNQEFAQT\/\/\/8AAwQKAAICBgQKAAIDDwNsYW4zBAABUYA2BAoAAgL\/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="} -00878{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":8,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12447076,"flow_src_last_pkt_time":12447076,"flow_dst_last_pkt_time":12447076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":548,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":548,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":548,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12447076,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","src_port":67,"dst_port":68,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"","dhcp": {"fingerprint":"","class_ident":""}}} +00921{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":8,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12447076,"flow_src_last_pkt_time":12447076,"flow_dst_last_pkt_time":12447076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":548,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":548,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":548,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12447076,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","src_port":67,"dst_port":68,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"","dhcp": {"fingerprint":"","class_ident":""}}} 00730{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":9,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12461875,"flow_src_last_pkt_time":12461875,"flow_dst_last_pkt_time":12461875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":91,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":91,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":91,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12461875,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:2","src_port":546,"dst_port":547,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00619{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":1,"flow_src_last_pkt_time":12461875,"flow_dst_last_pkt_time":12461875,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":153,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":153,"pkt_l4_len":99,"thread_ts_usec":12461875,"pkt":"MzMAAQACCAAn5uVZht1gDPpkAGMRAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAQACAiICIwBj3RcBE9HtAAgAAgAAAAEADgABAAEkIvGzCAAn5uVZAAMADAUIACcAAAAAAAAAAAAnAA0AC01TRURHRVdJTjEwABAADgAAATcACE1TRlQgNS4wAAYACAARABcAGAAn"} -00839{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":9,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12461875,"flow_src_last_pkt_time":12461875,"flow_dst_last_pkt_time":12461875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":91,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":91,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":91,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12461875,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:2","src_port":546,"dst_port":547,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DHCPV6","proto_id":"103","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00882{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":9,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12461875,"flow_src_last_pkt_time":12461875,"flow_dst_last_pkt_time":12461875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":91,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":91,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":91,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12461875,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:2","src_port":546,"dst_port":547,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DHCPV6","proto_id":"103","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00534{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":10,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":3,"flow_src_last_pkt_time":12512798,"flow_dst_last_pkt_time":9752486,"flow_idle_time":140000000,"pkt_oversize":false,"pkt_caplen":90,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":62,"pkt_len":90,"pkt_l4_len":28,"thread_ts_usec":12512798,"pkt":"MzMAAAAWCAAn5uVZht1gAAAAACQAAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAAWOgAFAgAAAQCPAOC1AAAAAQQAAAD\/AgAAAAAAAAAAAAAAAAD7"} 00682{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":11,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12513795,"flow_src_last_pkt_time":12513795,"flow_dst_last_pkt_time":12513795,"flow_idle_time":620000000,"flow_src_min_l4_payload_len":16,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":16,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":16,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12513795,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.22","l4_proto":2,"flow_datalink":1,"flow_max_packets":3} 00484{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":11,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":8,"flow_packet_id":1,"flow_src_last_pkt_time":12513795,"flow_dst_last_pkt_time":12513795,"flow_idle_time":620000000,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":38,"pkt_len":54,"pkt_l4_len":16,"thread_ts_usec":12513795,"pkt":"AQBeAAAWCAAn5uVZCABGAAAoICwAAAECGH8KAAIP4AAAFpQEAAAiAPkCAAAAAQQAAADgAAD7"} -00788{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":11,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12513795,"flow_src_last_pkt_time":12513795,"flow_dst_last_pkt_time":12513795,"flow_idle_time":620000000,"flow_src_min_l4_payload_len":16,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":16,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":16,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12513795,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.22","l4_proto":2,"ndpi": {"confidence": {"6":"DPI"},"proto":"IGMP","proto_id":"82","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00831{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":11,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12513795,"flow_src_last_pkt_time":12513795,"flow_dst_last_pkt_time":12513795,"flow_idle_time":620000000,"flow_src_min_l4_payload_len":16,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":16,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":16,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12513795,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.22","l4_proto":2,"ndpi": {"confidence": {"6":"DPI"},"proto":"IGMP","proto_id":"82","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00484{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":13,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":8,"flow_packet_id":2,"flow_src_last_pkt_time":12524099,"flow_dst_last_pkt_time":12513795,"flow_idle_time":620000000,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":38,"pkt_len":54,"pkt_l4_len":16,"thread_ts_usec":12524099,"pkt":"AQBeAAAWCAAn5uVZCABGAAAoIC0AAAECGH4KAAIP4AAAFpQEAAAiAPkBAAAAAQQAAADgAAD8"} 00484{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":15,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":8,"flow_packet_id":3,"flow_src_last_pkt_time":12527972,"flow_dst_last_pkt_time":12513795,"flow_idle_time":620000000,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":38,"pkt_len":54,"pkt_l4_len":16,"thread_ts_usec":12527972,"pkt":"AQBeAAAWCAAn5uVZCABGAAAoIC4AAAECGH0KAAIP4AAAFpQEAAAiAPoBAAAAAQMAAADgAAD8"} 00719{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":18,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529525,"flow_src_last_pkt_time":12529525,"flow_dst_last_pkt_time":12529525,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":35,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":35,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":35,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12529525,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.251","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00519{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":18,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":9,"flow_packet_id":1,"flow_src_last_pkt_time":12529525,"flow_dst_last_pkt_time":12529525,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":77,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":77,"pkt_l4_len":43,"thread_ts_usec":12529525,"pkt":"AQBeAAD7CAAn5uVZCABFAAA\/aF0AAAERZEcKAAIP4AAA+xTpFOkAK6\/OAAAAAAABAAAAAAAAC01TRURHRVdJTjEwBWxvY2FsAAD\/AAE="} -00866{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":18,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529525,"flow_src_last_pkt_time":12529525,"flow_dst_last_pkt_time":12529525,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":35,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":35,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":35,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12529525,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.251","src_port":5353,"dst_port":5353,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"msedgewin10.local","mdns": {}}} +00909{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":18,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529525,"flow_src_last_pkt_time":12529525,"flow_dst_last_pkt_time":12529525,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":35,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":35,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":35,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12529525,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.251","src_port":5353,"dst_port":5353,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"msedgewin10.local","mdns": {}}} 00733{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":19,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529625,"flow_src_last_pkt_time":12529625,"flow_dst_last_pkt_time":12529625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":35,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":35,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":35,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12529625,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::fb","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00547{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":19,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":10,"flow_packet_id":1,"flow_src_last_pkt_time":12529625,"flow_dst_last_pkt_time":12529625,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":97,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":97,"pkt_l4_len":43,"thread_ts_usec":12529625,"pkt":"MzMAAAD7CAAn5uVZht1gATieACsRAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAD7FOkU6QArEAAAAAAAAAEAAAAAAAALTVNFREdFV0lOMTAFbG9jYWwAAP8AAQ=="} -00880{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":19,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529625,"flow_src_last_pkt_time":12529625,"flow_dst_last_pkt_time":12529625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":35,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":35,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":35,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12529625,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::fb","src_port":5353,"dst_port":5353,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"msedgewin10.local","mdns": {}}} +00923{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":19,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529625,"flow_src_last_pkt_time":12529625,"flow_dst_last_pkt_time":12529625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":35,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":35,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":35,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12529625,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::fb","src_port":5353,"dst_port":5353,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"msedgewin10.local","mdns": {}}} 00735{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":20,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529920,"flow_src_last_pkt_time":12529920,"flow_dst_last_pkt_time":12529920,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12529920,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00540{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":20,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":11,"flow_packet_id":1,"flow_src_last_pkt_time":12529920,"flow_dst_last_pkt_time":12529920,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":91,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":91,"pkt_l4_len":37,"thread_ts_usec":12529920,"pkt":"MzMAAQADCAAn5uVZht1gD+kJACURAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAQAD+OUU6wAl\/+MDXAAAAAEAAAAAAAALTVNFREdFV0lOMTAAAP8AAQ=="} -00843{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":20,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529920,"flow_src_last_pkt_time":12529920,"flow_dst_last_pkt_time":12529920,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12529920,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":63717,"dst_port":5355,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00886{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":20,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529920,"flow_src_last_pkt_time":12529920,"flow_dst_last_pkt_time":12529920,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12529920,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":63717,"dst_port":5355,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00570{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":21,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":9,"flow_packet_id":2,"flow_src_last_pkt_time":12529945,"flow_dst_last_pkt_time":12529525,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":115,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":115,"pkt_l4_len":81,"thread_ts_usec":12529945,"pkt":"AQBeAAD7CAAn5uVZCABFAABlaF4AAAERZCAKAAIP4AAA+xTpFOkAUYkoAACEAAAAAAIAAAAAC01TRURHRVdJTjEwBWxvY2FsAAAcAAEAAAA8ABD+gAAAAAAAAMUNUZ+WpOEIwAwAAQABAAAAPAAECgACDw=="} -00875{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":21,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":12529525,"flow_src_last_pkt_time":12529945,"flow_dst_last_pkt_time":12529525,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":35,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":108,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12529945,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.251","src_port":5353,"dst_port":5353,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"msedgewin10.local","mdns": {}}} +00918{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":21,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":12529525,"flow_src_last_pkt_time":12529945,"flow_dst_last_pkt_time":12529525,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":35,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":108,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12529945,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.251","src_port":5353,"dst_port":5353,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"msedgewin10.local","mdns": {}}} 00721{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":22,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529999,"flow_src_last_pkt_time":12529999,"flow_dst_last_pkt_time":12529999,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12529999,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00511{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":22,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":12,"flow_packet_id":1,"flow_src_last_pkt_time":12529999,"flow_dst_last_pkt_time":12529999,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":12529999,"pkt":"AQBeAAD8CAAn5uVZCABFAAA5pMYAAAERJ+MKAAIP4AAA\/PjlFOsAJZ66A1wAAAABAAAAAAAAC01TRURHRVdJTjEwAAD\/AAE="} -00829{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":22,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529999,"flow_src_last_pkt_time":12529999,"flow_dst_last_pkt_time":12529999,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12529999,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":63717,"dst_port":5355,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00872{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":22,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529999,"flow_src_last_pkt_time":12529999,"flow_dst_last_pkt_time":12529999,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12529999,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":63717,"dst_port":5355,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00597{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":23,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":10,"flow_packet_id":2,"flow_src_last_pkt_time":12530043,"flow_dst_last_pkt_time":12529625,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":135,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":135,"pkt_l4_len":81,"thread_ts_usec":12530043,"pkt":"MzMAAAD7CAAn5uVZht1gATieAFERAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAD7FOkU6QBR6VkAAIQAAAAAAgAAAAALTVNFREdFV0lOMTAFbG9jYWwAABwAAQAAADwAEP6AAAAAAAAAxQ1Rn5ak4QjADAABAAEAAAA8AAQKAAIP"} -00889{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":23,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":12529625,"flow_src_last_pkt_time":12530043,"flow_dst_last_pkt_time":12529625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":35,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":108,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12530043,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::fb","src_port":5353,"dst_port":5353,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"msedgewin10.local","mdns": {}}} +00932{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":23,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":12529625,"flow_src_last_pkt_time":12530043,"flow_dst_last_pkt_time":12529625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":35,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":108,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12530043,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::fb","src_port":5353,"dst_port":5353,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"msedgewin10.local","mdns": {}}} 00717{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":33,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12827507,"flow_src_last_pkt_time":12827507,"flow_dst_last_pkt_time":12827507,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":68,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":68,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":68,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12827507,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":137,"dst_port":137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":33,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":13,"flow_packet_id":1,"flow_src_last_pkt_time":12827507,"flow_dst_last_pkt_time":12827507,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":12827507,"pkt":"\/\/\/\/\/\/\/\/CAAn5uVZCABFAABgHOwAAIARBJQKAAIPCgAC\/wCJAIkATEdqnCkpEAABAAAAAAABIEVORkRFRkVFRUhFRkZIRUpFT0RCREFDQUNBQ0FDQUFBAAAgAAHADAAgAAEABJPgAAYAAAoAAg8="} -00850{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":33,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12827507,"flow_src_last_pkt_time":12827507,"flow_dst_last_pkt_time":12827507,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":68,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":68,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":68,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12827507,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":137,"dst_port":137,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"NetBIOS","proto_id":"10","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"msedgewin10"}} +00893{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":33,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12827507,"flow_src_last_pkt_time":12827507,"flow_dst_last_pkt_time":12827507,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":68,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":68,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":68,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12827507,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":137,"dst_port":137,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"NetBIOS","proto_id":"10","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"msedgewin10"}} 00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":34,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":13,"flow_packet_id":2,"flow_src_last_pkt_time":12827649,"flow_dst_last_pkt_time":12827507,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":12827649,"pkt":"\/\/\/\/\/\/\/\/CAAn5uVZCABFAABgHO0AAIARBJMKAAIPCgAC\/wCJAIkATMtnnCopEAABAAAAAAABIEZIRVBGQ0VMRUhGQ0VQRkZGQUNBQ0FDQUNBQ0FDQUFBAAAgAAHADAAgAAEABJPgAAaAAAoAAg8="} 00739{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":37,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":13118724,"flow_src_last_pkt_time":13118724,"flow_dst_last_pkt_time":13118724,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1091,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1091,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1091,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":13118724,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63958,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 01962{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":37,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":14,"flow_packet_id":1,"flow_src_last_pkt_time":13118724,"flow_dst_last_pkt_time":13118724,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":1153,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":1153,"pkt_l4_len":1099,"thread_ts_usec":13118724,"pkt":"MzMAAAAMCAAn5uVZht1gB0PFBEsRAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAAM+dYOdgRLOdU8P3htbCB2ZXJzaW9uPSIxLjAiIGVuY29kaW5nPSJ1dGYtOCI\/Pjxzb2FwOkVudmVsb3BlIHhtbG5zOnNvYXA9Imh0dHA6Ly93d3cudzMub3JnLzIwMDMvMDUvc29hcC1lbnZlbG9wZSIgeG1sbnM6d3NhPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA0LzA4L2FkZHJlc3NpbmciIHhtbG5zOndzZD0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNC9kaXNjb3ZlcnkiIHhtbG5zOndzZHA9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzLzIwMDYvMDIvZGV2cHJvZiIgeG1sbnM6cHViPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3dpbmRvd3MvcHViLzIwMDUvMDciPjxzb2FwOkhlYWRlcj48d3NhOlRvPnVybjpzY2hlbWFzLXhtbHNvYXAtb3JnOndzOjIwMDU6MDQ6ZGlzY292ZXJ5PC93c2E6VG8+PHdzYTpBY3Rpb24+aHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNC9kaXNjb3ZlcnkvSGVsbG88L3dzYTpBY3Rpb24+PHdzYTpNZXNzYWdlSUQ+dXJuOnV1aWQ6YWMzNzRhY2YtOTJhYi00YWY1LWJkZDEtOTQ5ODVkYWViNDA3PC93c2E6TWVzc2FnZUlEPjx3c2Q6QXBwU2VxdWVuY2UgSW5zdGFuY2VJZD0iNDYiIFNlcXVlbmNlSWQ9InVybjp1dWlkOjc2NzM4OWUwLWVlOWEtNGMxYy1iOTAyLTIwY2I4MWQyMDNlMCIgTWVzc2FnZU51bWJlcj0iMSI+PC93c2Q6QXBwU2VxdWVuY2U+PC9zb2FwOkhlYWRlcj48c29hcDpCb2R5Pjx3c2Q6SGVsbG8+PHdzYTpFbmRwb2ludFJlZmVyZW5jZT48d3NhOkFkZHJlc3M+dXJuOnV1aWQ6NzQ3ZjNkOTYtNjhhNy00M2YxLThjYmUtZThkNmRhZGQwMzU4PC93c2E6QWRkcmVzcz48L3dzYTpFbmRwb2ludFJlZmVyZW5jZT48d3NkOlR5cGVzPndzZHA6RGV2aWNlIHB1YjpDb21wdXRlcjwvd3NkOlR5cGVzPjx3c2Q6WEFkZHJzPmh0dHA6Ly9bZmU4MDo6YzUwZDo1MTlmOjk2YTQ6ZTEwOF06NTM1Ny83NDdmM2Q5Ni02OGE3LTQzZjEtOGNiZS1lOGQ2ZGFkZDAzNTgvPC93c2Q6WEFkZHJzPjx3c2Q6TWV0YWRhdGFWZXJzaW9uPjI8L3dzZDpNZXRhZGF0YVZlcnNpb24+PC93c2Q6SGVsbG8+PC9zb2FwOkJvZHk+PC9zb2FwOkVudmVsb3BlPg=="} -00845{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":37,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":13118724,"flow_src_last_pkt_time":13118724,"flow_dst_last_pkt_time":13118724,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1091,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1091,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1091,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":13118724,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63958,"dst_port":3702,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00888{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":37,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":13118724,"flow_src_last_pkt_time":13118724,"flow_dst_last_pkt_time":13118724,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1091,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1091,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1091,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":13118724,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63958,"dst_port":3702,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00731{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":38,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":13118832,"flow_src_last_pkt_time":13118832,"flow_dst_last_pkt_time":13118832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1073,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1073,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1073,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":13118832,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63957,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 01912{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":38,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":15,"flow_packet_id":1,"flow_src_last_pkt_time":13118832,"flow_dst_last_pkt_time":13118832,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":1115,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1115,"pkt_l4_len":1081,"thread_ts_usec":13118832,"pkt":"AQBef\/\/6CAAn5uVZCABFAARN4IUAAAER2REKAAIP7\/\/\/+vnVDnYEOdZOPD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48c29hcDpFbnZlbG9wZSB4bWxuczpzb2FwPSJodHRwOi8vd3d3LnczLm9yZy8yMDAzLzA1L3NvYXAtZW52ZWxvcGUiIHhtbG5zOndzYT0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNC8wOC9hZGRyZXNzaW5nIiB4bWxuczp3c2Q9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzLzIwMDUvMDQvZGlzY292ZXJ5IiB4bWxuczp3c2RwPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA2LzAyL2RldnByb2YiIHhtbG5zOnB1Yj0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93aW5kb3dzL3B1Yi8yMDA1LzA3Ij48c29hcDpIZWFkZXI+PHdzYTpUbz51cm46c2NoZW1hcy14bWxzb2FwLW9yZzp3czoyMDA1OjA0OmRpc2NvdmVyeTwvd3NhOlRvPjx3c2E6QWN0aW9uPmh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzLzIwMDUvMDQvZGlzY292ZXJ5L0hlbGxvPC93c2E6QWN0aW9uPjx3c2E6TWVzc2FnZUlEPnVybjp1dWlkOmZhMTdjZDkwLThmMzktNGY1Yi05ZTI4LWJmZjA4ZmI1Y2QwZTwvd3NhOk1lc3NhZ2VJRD48d3NkOkFwcFNlcXVlbmNlIEluc3RhbmNlSWQ9IjQ2IiBTZXF1ZW5jZUlkPSJ1cm46dXVpZDo3NjczODllMC1lZTlhLTRjMWMtYjkwMi0yMGNiODFkMjAzZTAiIE1lc3NhZ2VOdW1iZXI9IjEiPjwvd3NkOkFwcFNlcXVlbmNlPjwvc29hcDpIZWFkZXI+PHNvYXA6Qm9keT48d3NkOkhlbGxvPjx3c2E6RW5kcG9pbnRSZWZlcmVuY2U+PHdzYTpBZGRyZXNzPnVybjp1dWlkOjc0N2YzZDk2LTY4YTctNDNmMS04Y2JlLWU4ZDZkYWRkMDM1ODwvd3NhOkFkZHJlc3M+PC93c2E6RW5kcG9pbnRSZWZlcmVuY2U+PHdzZDpUeXBlcz53c2RwOkRldmljZSBwdWI6Q29tcHV0ZXI8L3dzZDpUeXBlcz48d3NkOlhBZGRycz5odHRwOi8vMTAuMC4yLjE1OjUzNTcvNzQ3ZjNkOTYtNjhhNy00M2YxLThjYmUtZThkNmRhZGQwMzU4Lzwvd3NkOlhBZGRycz48d3NkOk1ldGFkYXRhVmVyc2lvbj4yPC93c2Q6TWV0YWRhdGFWZXJzaW9uPjwvd3NkOkhlbGxvPjwvc29hcDpCb2R5Pjwvc29hcDpFbnZlbG9wZT4="} -00837{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":38,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":13118832,"flow_src_last_pkt_time":13118832,"flow_dst_last_pkt_time":13118832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1073,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1073,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1073,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":13118832,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63957,"dst_port":3702,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00880{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":38,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":13118832,"flow_src_last_pkt_time":13118832,"flow_dst_last_pkt_time":13118832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1073,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1073,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1073,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":13118832,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63957,"dst_port":3702,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 01912{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":41,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":15,"flow_packet_id":2,"flow_src_last_pkt_time":13322661,"flow_dst_last_pkt_time":13118832,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":1115,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1115,"pkt_l4_len":1081,"thread_ts_usec":13322661,"pkt":"AQBef\/\/6CAAn5uVZCABFAARN4IYAAAER2RAKAAIP7\/\/\/+vnVDnYEOdZOPD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48c29hcDpFbnZlbG9wZSB4bWxuczpzb2FwPSJodHRwOi8vd3d3LnczLm9yZy8yMDAzLzA1L3NvYXAtZW52ZWxvcGUiIHhtbG5zOndzYT0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNC8wOC9hZGRyZXNzaW5nIiB4bWxuczp3c2Q9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzLzIwMDUvMDQvZGlzY292ZXJ5IiB4bWxuczp3c2RwPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA2LzAyL2RldnByb2YiIHhtbG5zOnB1Yj0iaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93aW5kb3dzL3B1Yi8yMDA1LzA3Ij48c29hcDpIZWFkZXI+PHdzYTpUbz51cm46c2NoZW1hcy14bWxzb2FwLW9yZzp3czoyMDA1OjA0OmRpc2NvdmVyeTwvd3NhOlRvPjx3c2E6QWN0aW9uPmh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzLzIwMDUvMDQvZGlzY292ZXJ5L0hlbGxvPC93c2E6QWN0aW9uPjx3c2E6TWVzc2FnZUlEPnVybjp1dWlkOmZhMTdjZDkwLThmMzktNGY1Yi05ZTI4LWJmZjA4ZmI1Y2QwZTwvd3NhOk1lc3NhZ2VJRD48d3NkOkFwcFNlcXVlbmNlIEluc3RhbmNlSWQ9IjQ2IiBTZXF1ZW5jZUlkPSJ1cm46dXVpZDo3NjczODllMC1lZTlhLTRjMWMtYjkwMi0yMGNiODFkMjAzZTAiIE1lc3NhZ2VOdW1iZXI9IjEiPjwvd3NkOkFwcFNlcXVlbmNlPjwvc29hcDpIZWFkZXI+PHNvYXA6Qm9keT48d3NkOkhlbGxvPjx3c2E6RW5kcG9pbnRSZWZlcmVuY2U+PHdzYTpBZGRyZXNzPnVybjp1dWlkOjc0N2YzZDk2LTY4YTctNDNmMS04Y2JlLWU4ZDZkYWRkMDM1ODwvd3NhOkFkZHJlc3M+PC93c2E6RW5kcG9pbnRSZWZlcmVuY2U+PHdzZDpUeXBlcz53c2RwOkRldmljZSBwdWI6Q29tcHV0ZXI8L3dzZDpUeXBlcz48d3NkOlhBZGRycz5odHRwOi8vMTAuMC4yLjE1OjUzNTcvNzQ3ZjNkOTYtNjhhNy00M2YxLThjYmUtZThkNmRhZGQwMzU4Lzwvd3NkOlhBZGRycz48d3NkOk1ldGFkYXRhVmVyc2lvbj4yPC93c2Q6TWV0YWRhdGFWZXJzaW9uPjwvd3NkOkhlbGxvPjwvc29hcDpCb2R5Pjwvc29hcDpFbnZlbG9wZT4="} 01962{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":42,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":14,"flow_packet_id":2,"flow_src_last_pkt_time":13322798,"flow_dst_last_pkt_time":13118724,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":1153,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":1153,"pkt_l4_len":1099,"thread_ts_usec":13322798,"pkt":"MzMAAAAMCAAn5uVZht1gB0PFBEsRAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAAM+dYOdgRLOdU8P3htbCB2ZXJzaW9uPSIxLjAiIGVuY29kaW5nPSJ1dGYtOCI\/Pjxzb2FwOkVudmVsb3BlIHhtbG5zOnNvYXA9Imh0dHA6Ly93d3cudzMub3JnLzIwMDMvMDUvc29hcC1lbnZlbG9wZSIgeG1sbnM6d3NhPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA0LzA4L2FkZHJlc3NpbmciIHhtbG5zOndzZD0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNC9kaXNjb3ZlcnkiIHhtbG5zOndzZHA9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzLzIwMDYvMDIvZGV2cHJvZiIgeG1sbnM6cHViPSJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3dpbmRvd3MvcHViLzIwMDUvMDciPjxzb2FwOkhlYWRlcj48d3NhOlRvPnVybjpzY2hlbWFzLXhtbHNvYXAtb3JnOndzOjIwMDU6MDQ6ZGlzY292ZXJ5PC93c2E6VG8+PHdzYTpBY3Rpb24+aHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNC9kaXNjb3ZlcnkvSGVsbG88L3dzYTpBY3Rpb24+PHdzYTpNZXNzYWdlSUQ+dXJuOnV1aWQ6YWMzNzRhY2YtOTJhYi00YWY1LWJkZDEtOTQ5ODVkYWViNDA3PC93c2E6TWVzc2FnZUlEPjx3c2Q6QXBwU2VxdWVuY2UgSW5zdGFuY2VJZD0iNDYiIFNlcXVlbmNlSWQ9InVybjp1dWlkOjc2NzM4OWUwLWVlOWEtNGMxYy1iOTAyLTIwY2I4MWQyMDNlMCIgTWVzc2FnZU51bWJlcj0iMSI+PC93c2Q6QXBwU2VxdWVuY2U+PC9zb2FwOkhlYWRlcj48c29hcDpCb2R5Pjx3c2Q6SGVsbG8+PHdzYTpFbmRwb2ludFJlZmVyZW5jZT48d3NhOkFkZHJlc3M+dXJuOnV1aWQ6NzQ3ZjNkOTYtNjhhNy00M2YxLThjYmUtZThkNmRhZGQwMzU4PC93c2E6QWRkcmVzcz48L3dzYTpFbmRwb2ludFJlZmVyZW5jZT48d3NkOlR5cGVzPndzZHA6RGV2aWNlIHB1YjpDb21wdXRlcjwvd3NkOlR5cGVzPjx3c2Q6WEFkZHJzPmh0dHA6Ly9bZmU4MDo6YzUwZDo1MTlmOjk2YTQ6ZTEwOF06NTM1Ny83NDdmM2Q5Ni02OGE3LTQzZjEtOGNiZS1lOGQ2ZGFkZDAzNTgvPC93c2Q6WEFkZHJzPjx3c2Q6TWV0YWRhdGFWZXJzaW9uPjI8L3dzZDpNZXRhZGF0YVZlcnNpb24+PC93c2Q6SGVsbG8+PC9zb2FwOkJvZHk+PC9zb2FwOkVudmVsb3BlPg=="} 00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":43,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":13,"flow_packet_id":3,"flow_src_last_pkt_time":13443546,"flow_dst_last_pkt_time":12827507,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"thread_ts_usec":13443546,"pkt":"\/\/\/\/\/\/\/\/CAAn5uVZCABFAABgHO4AAIARBJIKAAIPCgAC\/wCJAIkATEdmnCspEAABAAAAAAABIEVORkRFRkVFRUhFRkZIRUpFT0RCREFDQUNBQ0FDQUNBAAAgAAHADAAgAAEABJPgAAYAAAoAAg8="} @@ -64,18 +64,18 @@ 00511{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":50,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_src_last_pkt_time":13765984,"flow_dst_last_pkt_time":9752466,"flow_idle_time":140000000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":70,"pkt_l4_len":16,"thread_ts_usec":13765984,"pkt":"MzMAAAACCAAn5uVZht1gAAAAABA6\/\/6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAAChQDYkwAAAAABAQgAJ+blWQ=="} 00728{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":82,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":15284358,"flow_src_last_pkt_time":15284358,"flow_dst_last_pkt_time":15284358,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":137,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":137,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":137,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":15284358,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63962,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00661{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":82,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":16,"flow_packet_id":1,"flow_src_last_pkt_time":15284358,"flow_dst_last_pkt_time":15284358,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":179,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":179,"pkt_l4_len":145,"thread_ts_usec":15284358,"pkt":"AQBef\/\/6CAAn5uVZCABFAACl4I8AAAQR2a8KAAIP7\/\/\/+vnaB2wAkQ9eTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSG9zdDogMjM5LjI1NS4yNTUuMjUwOjE5MDANClNUOiB1cm46c2NoZW1hcy11cG5wLW9yZzpkZXZpY2U6SW50ZXJuZXRHYXRld2F5RGV2aWNlOjENCk1hbjogInNzZHA6ZGlzY292ZXIiDQpNWDogMw0KDQo="} -00867{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":82,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":15284358,"flow_src_last_pkt_time":15284358,"flow_dst_last_pkt_time":15284358,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":137,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":137,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":137,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":15284358,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63962,"dst_port":1900,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"239.255.255.250:1900"}} +00910{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":82,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":15284358,"flow_src_last_pkt_time":15284358,"flow_dst_last_pkt_time":15284358,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":137,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":137,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":137,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":15284358,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63962,"dst_port":1900,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"239.255.255.250:1900"}} 00733{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":83,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":15285641,"flow_src_last_pkt_time":15285641,"flow_dst_last_pkt_time":15285641,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":95,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":95,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":15285641,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63960,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00630{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":83,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":17,"flow_packet_id":1,"flow_src_last_pkt_time":15285641,"flow_dst_last_pkt_time":15285641,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":157,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":157,"pkt_l4_len":103,"thread_ts_usec":15285641,"pkt":"MzMAAAAMCAAn5uVZht1gDyjoAGcRBP6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAAM+dgHbABnVAhNLVNFQVJDSCAqIEhUVFAvMS4xDQpIb3N0OiBbRkYwMjo6Q106MTkwMA0KU1Q6IHVwbnA6cm9vdGRldmljZQ0KTWFuOiAic3NkcDpkaXNjb3ZlciINCk1YOiAzDQoNCg=="} -00866{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":83,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":15285641,"flow_src_last_pkt_time":15285641,"flow_dst_last_pkt_time":15285641,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":95,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":95,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":15285641,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63960,"dst_port":1900,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"[ff02::c]:1900"}} +00909{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":83,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":15285641,"flow_src_last_pkt_time":15285641,"flow_dst_last_pkt_time":15285641,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":95,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":95,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":15285641,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63960,"dst_port":1900,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"[ff02::c]:1900"}} 00613{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":84,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":16,"flow_packet_id":2,"flow_src_last_pkt_time":15285745,"flow_dst_last_pkt_time":15284358,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":143,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":143,"pkt_l4_len":109,"thread_ts_usec":15285745,"pkt":"AQBef\/\/6CAAn5uVZCABFAACB4JAAAAQR2dIKAAIP7\/\/\/+vnaB2wAbXqpTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSG9zdDogMjM5LjI1NS4yNTUuMjUwOjE5MDANClNUOiB1cG5wOnJvb3RkZXZpY2UNCk1hbjogInNzZHA6ZGlzY292ZXIiDQpNWDogMw0KDQo="} 00620{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":87,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":3,"flow_src_last_pkt_time":15468909,"flow_dst_last_pkt_time":12461875,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":153,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":153,"pkt_l4_len":99,"thread_ts_usec":15468909,"pkt":"MzMAAQACCAAn5uVZht1gA+R4AGMRAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAQACAiICIwBj2+oBE9HtAAgAAgEtAAEADgABAAEkIvGzCAAn5uVZAAMADAUIACcAAAAAAAAAAAAnAA0AC01TRURHRVdJTjEwABAADgAAATcACE1TRlQgNS4wAAYACAARABcAGAAn"} 00736{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":88,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":15469659,"flow_src_last_pkt_time":15469659,"flow_dst_last_pkt_time":15469659,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":624,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":15469659,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63965,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 01335{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":88,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":18,"flow_packet_id":1,"flow_src_last_pkt_time":15469659,"flow_dst_last_pkt_time":15469659,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":686,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":686,"pkt_l4_len":632,"thread_ts_usec":15469659,"pkt":"MzMAAAAMCAAn5uVZht1gCQFeAngRAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAAM+d0OdgJ4bjk8P3htbCB2ZXJzaW9uPSIxLjAiIGVuY29kaW5nPSJ1dGYtOCI\/Pjxzb2FwOkVudmVsb3BlIHhtbG5zOnNvYXA9Imh0dHA6Ly93d3cudzMub3JnLzIwMDMvMDUvc29hcC1lbnZlbG9wZSIgeG1sbnM6d3NhPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA0LzA4L2FkZHJlc3NpbmciIHhtbG5zOndzZD0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNC9kaXNjb3ZlcnkiIHhtbG5zOndzZHA9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzLzIwMDYvMDIvZGV2cHJvZiI+PHNvYXA6SGVhZGVyPjx3c2E6VG8+dXJuOnNjaGVtYXMteG1sc29hcC1vcmc6d3M6MjAwNTowNDpkaXNjb3Zlcnk8L3dzYTpUbz48d3NhOkFjdGlvbj5odHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA0L2Rpc2NvdmVyeS9Qcm9iZTwvd3NhOkFjdGlvbj48d3NhOk1lc3NhZ2VJRD51cm46dXVpZDozODVlNjBkOC0wOTJhLTRiMmItYmRmYy02YzJkMWQ1MGFjNDI8L3dzYTpNZXNzYWdlSUQ+PC9zb2FwOkhlYWRlcj48c29hcDpCb2R5Pjx3c2Q6UHJvYmU+PHdzZDpUeXBlcz53c2RwOkRldmljZTwvd3NkOlR5cGVzPjwvd3NkOlByb2JlPjwvc29hcDpCb2R5Pjwvc29hcDpFbnZlbG9wZT4="} -00842{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":88,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":15469659,"flow_src_last_pkt_time":15469659,"flow_dst_last_pkt_time":15469659,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":624,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":15469659,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63965,"dst_port":3702,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00885{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":88,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":15469659,"flow_src_last_pkt_time":15469659,"flow_dst_last_pkt_time":15469659,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":624,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":15469659,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63965,"dst_port":3702,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00728{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":89,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":15469932,"flow_src_last_pkt_time":15469932,"flow_dst_last_pkt_time":15469932,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":624,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":15469932,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63964,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":89,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":19,"flow_packet_id":1,"flow_src_last_pkt_time":15469932,"flow_dst_last_pkt_time":15469932,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":666,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":666,"pkt_l4_len":632,"thread_ts_usec":15469932,"pkt":"AQBef\/\/6CAAn5uVZCABFAAKM4JIAAAER2sUKAAIP7\/\/\/+vncDnYCeP4aPD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48c29hcDpFbnZlbG9wZSB4bWxuczpzb2FwPSJodHRwOi8vd3d3LnczLm9yZy8yMDAzLzA1L3NvYXAtZW52ZWxvcGUiIHhtbG5zOndzYT0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNC8wOC9hZGRyZXNzaW5nIiB4bWxuczp3c2Q9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzLzIwMDUvMDQvZGlzY292ZXJ5IiB4bWxuczp3c2RwPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA2LzAyL2RldnByb2YiPjxzb2FwOkhlYWRlcj48d3NhOlRvPnVybjpzY2hlbWFzLXhtbHNvYXAtb3JnOndzOjIwMDU6MDQ6ZGlzY292ZXJ5PC93c2E6VG8+PHdzYTpBY3Rpb24+aHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNC9kaXNjb3ZlcnkvUHJvYmU8L3dzYTpBY3Rpb24+PHdzYTpNZXNzYWdlSUQ+dXJuOnV1aWQ6Mzg1ZTYwZDgtMDkyYS00YjJiLWJkZmMtNmMyZDFkNTBhYzQyPC93c2E6TWVzc2FnZUlEPjwvc29hcDpIZWFkZXI+PHNvYXA6Qm9keT48d3NkOlByb2JlPjx3c2Q6VHlwZXM+d3NkcDpEZXZpY2U8L3dzZDpUeXBlcz48L3dzZDpQcm9iZT48L3NvYXA6Qm9keT48L3NvYXA6RW52ZWxvcGU+"} -00834{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":89,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":15469932,"flow_src_last_pkt_time":15469932,"flow_dst_last_pkt_time":15469932,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":624,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":15469932,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63964,"dst_port":3702,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00877{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":89,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":15469932,"flow_src_last_pkt_time":15469932,"flow_dst_last_pkt_time":15469932,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":624,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":15469932,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63964,"dst_port":3702,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00630{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":90,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":17,"flow_packet_id":2,"flow_src_last_pkt_time":15500206,"flow_dst_last_pkt_time":15285641,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":157,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":157,"pkt_l4_len":103,"thread_ts_usec":15500206,"pkt":"MzMAAAAMCAAn5uVZht1gDyjoAGcRBP6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAAM+dgHbABnVAhNLVNFQVJDSCAqIEhUVFAvMS4xDQpIb3N0OiBbRkYwMjo6Q106MTkwMA0KU1Q6IHVwbnA6cm9vdGRldmljZQ0KTWFuOiAic3NkcDpkaXNjb3ZlciINCk1YOiAzDQoNCg=="} 00613{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":91,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":16,"flow_packet_id":3,"flow_src_last_pkt_time":15500388,"flow_dst_last_pkt_time":15284358,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":143,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":143,"pkt_l4_len":109,"thread_ts_usec":15500388,"pkt":"AQBef\/\/6CAAn5uVZCABFAACB4JMAAAQR2c8KAAIP7\/\/\/+vnaB2wAbXqpTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSG9zdDogMjM5LjI1NS4yNTUuMjUwOjE5MDANClNUOiB1cG5wOnJvb3RkZXZpY2UNCk1hbjogInNzZHA6ZGlzY292ZXIiDQpNWDogMw0KDQo="} 01335{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":93,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":18,"flow_packet_id":2,"flow_src_last_pkt_time":15624849,"flow_dst_last_pkt_time":15469659,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":686,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":686,"pkt_l4_len":632,"thread_ts_usec":15624849,"pkt":"MzMAAAAMCAAn5uVZht1gCQFeAngRAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAAM+d0OdgJ4bjk8P3htbCB2ZXJzaW9uPSIxLjAiIGVuY29kaW5nPSJ1dGYtOCI\/Pjxzb2FwOkVudmVsb3BlIHhtbG5zOnNvYXA9Imh0dHA6Ly93d3cudzMub3JnLzIwMDMvMDUvc29hcC1lbnZlbG9wZSIgeG1sbnM6d3NhPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA0LzA4L2FkZHJlc3NpbmciIHhtbG5zOndzZD0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNC9kaXNjb3ZlcnkiIHhtbG5zOndzZHA9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzLzIwMDYvMDIvZGV2cHJvZiI+PHNvYXA6SGVhZGVyPjx3c2E6VG8+dXJuOnNjaGVtYXMteG1sc29hcC1vcmc6d3M6MjAwNTowNDpkaXNjb3Zlcnk8L3dzYTpUbz48d3NhOkFjdGlvbj5odHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA0L2Rpc2NvdmVyeS9Qcm9iZTwvd3NhOkFjdGlvbj48d3NhOk1lc3NhZ2VJRD51cm46dXVpZDozODVlNjBkOC0wOTJhLTRiMmItYmRmYy02YzJkMWQ1MGFjNDI8L3dzYTpNZXNzYWdlSUQ+PC9zb2FwOkhlYWRlcj48c29hcDpCb2R5Pjx3c2Q6UHJvYmU+PHdzZDpUeXBlcz53c2RwOkRldmljZTwvd3NkOlR5cGVzPjwvd3NkOlByb2JlPjwvc29hcDpCb2R5Pjwvc29hcDpFbnZlbG9wZT4="} @@ -84,40 +84,42 @@ 01310{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":100,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":19,"flow_packet_id":3,"flow_src_last_pkt_time":16062775,"flow_dst_last_pkt_time":15469932,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":666,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":666,"pkt_l4_len":632,"thread_ts_usec":16062775,"pkt":"AQBef\/\/6CAAn5uVZCABFAAKM4JcAAAER2sAKAAIP7\/\/\/+vncDnYCeP4aPD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48c29hcDpFbnZlbG9wZSB4bWxuczpzb2FwPSJodHRwOi8vd3d3LnczLm9yZy8yMDAzLzA1L3NvYXAtZW52ZWxvcGUiIHhtbG5zOndzYT0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNC8wOC9hZGRyZXNzaW5nIiB4bWxuczp3c2Q9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzLzIwMDUvMDQvZGlzY292ZXJ5IiB4bWxuczp3c2RwPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA2LzAyL2RldnByb2YiPjxzb2FwOkhlYWRlcj48d3NhOlRvPnVybjpzY2hlbWFzLXhtbHNvYXAtb3JnOndzOjIwMDU6MDQ6ZGlzY292ZXJ5PC93c2E6VG8+PHdzYTpBY3Rpb24+aHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNC9kaXNjb3ZlcnkvUHJvYmU8L3dzYTpBY3Rpb24+PHdzYTpNZXNzYWdlSUQ+dXJuOnV1aWQ6Mzg1ZTYwZDgtMDkyYS00YjJiLWJkZmMtNmMyZDFkNTBhYzQyPC93c2E6TWVzc2FnZUlEPjwvc29hcDpIZWFkZXI+PHNvYXA6Qm9keT48d3NkOlByb2JlPjx3c2Q6VHlwZXM+d3NkcDpEZXZpY2U8L3dzZDpUeXBlcz48L3dzZDpQcm9iZT48L3NvYXA6Qm9keT48L3NvYXA6RW52ZWxvcGU+"} 00721{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":101,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":16487243,"flow_src_last_pkt_time":16487243,"flow_dst_last_pkt_time":16487243,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":201,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":16487243,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00750{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":101,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":20,"flow_packet_id":1,"flow_src_last_pkt_time":16487243,"flow_dst_last_pkt_time":16487243,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":243,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":243,"pkt_l4_len":209,"thread_ts_usec":16487243,"pkt":"\/\/\/\/\/\/\/\/CAAn5uVZCABFAADlHPgAAIARBAMKAAIPCgAC\/wCKAIoA0aFXEQKcLAoAAg8AigC7AAAgRU5GREVGRUVFSEVGRkhFSkVPREJEQUNBQ0FDQUNBQ0EAIEZIRVBGQ0VMRUhGQ0VQRkZGQUNBQ0FDQUNBQ0FDQUJOAP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAAIQAAAAAAAAAAAOgDAAAAAAAAAAAhAFYAAwABAAAAAgAyAFxNQUlMU0xPVFxCUk9XU0UAAQBg6gAATVNFREdFV0lOMTAAAAAAAAoAAxAAAA8BVaoA"} -00981{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":101,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":16487243,"flow_src_last_pkt_time":16487243,"flow_dst_last_pkt_time":16487243,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":201,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":16487243,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","encrypted":0,"breed":"Dangerous","category_id":18,"category":"System","hostname":"msedgewin10"}} +01024{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":101,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":16487243,"flow_src_last_pkt_time":16487243,"flow_dst_last_pkt_time":16487243,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":201,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":16487243,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Dangerous","category_id":18,"category":"System","hostname":"msedgewin10"}} 00512{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":104,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_src_last_pkt_time":17749890,"flow_dst_last_pkt_time":9752466,"flow_idle_time":140000000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":70,"pkt_l4_len":16,"thread_ts_usec":17749890,"pkt":"MzMAAAACCAAn5uVZht1gAAAAABA6\/\/6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAAChQDYkwAAAAABAQgAJ+blWQ=="} 00631{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":107,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":17,"flow_packet_id":3,"flow_src_last_pkt_time":18297599,"flow_dst_last_pkt_time":15285641,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":157,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":157,"pkt_l4_len":103,"thread_ts_usec":18297599,"pkt":"MzMAAAAMCAAn5uVZht1gDyjoAGcRBP6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAAM+dgHbABnVAhNLVNFQVJDSCAqIEhUVFAvMS4xDQpIb3N0OiBbRkYwMjo6Q106MTkwMA0KU1Q6IHVwbnA6cm9vdGRldmljZQ0KTWFuOiAic3NkcDpkaXNjb3ZlciINCk1YOiAzDQoNCg=="} 00729{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":125,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":40005419,"flow_src_last_pkt_time":40005419,"flow_dst_last_pkt_time":40005419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":174,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":40005419,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":55708,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00710{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":125,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":21,"flow_packet_id":1,"flow_src_last_pkt_time":40005419,"flow_dst_last_pkt_time":40005419,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":216,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":216,"pkt_l4_len":182,"thread_ts_usec":40005419,"pkt":"AQBef\/\/6CAAn5uVZCABFAADK4KUAAAER3HQKAAIP7\/\/\/+tmcB2wAthOSTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANCk1BTjogInNzZHA6ZGlzY292ZXIiDQpNWDogMQ0KU1Q6IHVybjpkaWFsLW11bHRpc2NyZWVuLW9yZzpzZXJ2aWNlOmRpYWw6MQ0KVVNFUi1BR0VOVDogTWljcm9zb2Z0IEVkZ2UvOTkuMC4xMTUwLjMwIFdpbmRvd3MNCg0K"} -00868{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":125,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":40005419,"flow_src_last_pkt_time":40005419,"flow_dst_last_pkt_time":40005419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":174,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":40005419,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":55708,"dst_port":1900,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"239.255.255.250:1900"}} +00911{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":125,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":40005419,"flow_src_last_pkt_time":40005419,"flow_dst_last_pkt_time":40005419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":174,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":40005419,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":55708,"dst_port":1900,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"239.255.255.250:1900"}} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":126,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":9,"flow_packet_id":3,"flow_src_last_pkt_time":40185276,"flow_dst_last_pkt_time":12529525,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":82,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":82,"pkt_l4_len":48,"thread_ts_usec":40185276,"pkt":"AQBeAAD7CAAn5uVZCABFAABEaF8AAAERZEAKAAIP4AAA+xTpFOkAMJ6ZAAAAAAABAAAAAAAAC19nb29nbGVjYXN0BF90Y3AFbG9jYWwAAAwAAQ=="} 00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":127,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":10,"flow_packet_id":3,"flow_src_last_pkt_time":40185408,"flow_dst_last_pkt_time":12529625,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":102,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":102,"pkt_l4_len":48,"thread_ts_usec":40185408,"pkt":"MzMAAAD7CAAn5uVZht1gBGNuADARAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAD7FOkU6QAw\/soAAAAAAAEAAAAAAAALX2dvb2dsZWNhc3QEX3RjcAVsb2NhbAAADAAB"} 00736{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":133,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":40232223,"flow_src_last_pkt_time":40232223,"flow_dst_last_pkt_time":40232223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":40232223,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00532{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":133,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":22,"flow_packet_id":1,"flow_src_last_pkt_time":40232223,"flow_dst_last_pkt_time":40232223,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":86,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":86,"pkt_l4_len":32,"thread_ts_usec":40232223,"pkt":"MzMAAQADCAAn5uVZht1gAihOACARAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAQAD9EsU6wAgDPv9UAAAAAEAAAAAAAAGcHVwcGV0AAABAAE="} -00844{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":133,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":40232223,"flow_src_last_pkt_time":40232223,"flow_dst_last_pkt_time":40232223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":40232223,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":62539,"dst_port":5355,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00887{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":133,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":40232223,"flow_src_last_pkt_time":40232223,"flow_dst_last_pkt_time":40232223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":40232223,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":62539,"dst_port":5355,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00722{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":134,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":40232312,"flow_src_last_pkt_time":40232312,"flow_dst_last_pkt_time":40232312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":40232312,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":134,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":23,"flow_packet_id":1,"flow_src_last_pkt_time":40232312,"flow_dst_last_pkt_time":40232312,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":40232312,"pkt":"AQBeAAD8CAAn5uVZCABFAAA0pMcAAAERJ+cKAAIP4AAA\/PRLFOsAIKvR\/VAAAAABAAAAAAAABnB1cHBldAAAAQAB"} -00830{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":134,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":40232312,"flow_src_last_pkt_time":40232312,"flow_dst_last_pkt_time":40232312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":40232312,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":62539,"dst_port":5355,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00873{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":134,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":40232312,"flow_src_last_pkt_time":40232312,"flow_dst_last_pkt_time":40232312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":40232312,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":62539,"dst_port":5355,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00736{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":135,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":24,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":40232517,"flow_src_last_pkt_time":40232517,"flow_dst_last_pkt_time":40232517,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":40232517,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00532{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":135,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":24,"flow_packet_id":1,"flow_src_last_pkt_time":40232517,"flow_dst_last_pkt_time":40232517,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":86,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":86,"pkt_l4_len":32,"thread_ts_usec":40232517,"pkt":"MzMAAQADCAAn5uVZht1gAiZUACARAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAQADxQMU6wAgtlmDHwAAAAEAAAAAAAAGcHVwcGV0AAAcAAE="} -00844{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":135,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":24,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":40232517,"flow_src_last_pkt_time":40232517,"flow_dst_last_pkt_time":40232517,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":40232517,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":50435,"dst_port":5355,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00887{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":135,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":24,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":40232517,"flow_src_last_pkt_time":40232517,"flow_dst_last_pkt_time":40232517,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":40232517,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":50435,"dst_port":5355,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00722{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":136,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":40232582,"flow_src_last_pkt_time":40232582,"flow_dst_last_pkt_time":40232582,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":40232582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":136,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":25,"flow_packet_id":1,"flow_src_last_pkt_time":40232582,"flow_dst_last_pkt_time":40232582,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":40232582,"pkt":"AQBeAAD8CAAn5uVZCABFAAA0pMgAAAERJ+YKAAIP4AAA\/MUDFOsAIFUwgx8AAAABAAAAAAAABnB1cHBldAAAHAAB"} -00830{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":136,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":40232582,"flow_src_last_pkt_time":40232582,"flow_dst_last_pkt_time":40232582,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":40232582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":50435,"dst_port":5355,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00873{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":136,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":40232582,"flow_src_last_pkt_time":40232582,"flow_dst_last_pkt_time":40232582,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":40232582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":50435,"dst_port":5355,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00532{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":137,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":24,"flow_packet_id":2,"flow_src_last_pkt_time":40630237,"flow_dst_last_pkt_time":40232517,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":86,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":86,"pkt_l4_len":32,"thread_ts_usec":40630237,"pkt":"MzMAAQADCAAn5uVZht1gAiZUACARAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAQADxQMU6wAgtlmDHwAAAAEAAAAAAAAGcHVwcGV0AAAcAAE="} 00532{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":138,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":22,"flow_packet_id":2,"flow_src_last_pkt_time":40630373,"flow_dst_last_pkt_time":40232223,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":86,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":86,"pkt_l4_len":32,"thread_ts_usec":40630373,"pkt":"MzMAAQADCAAn5uVZht1gAihOACARAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAQAD9EsU6wAgDPv9UAAAAAEAAAAAAAAGcHVwcGV0AAABAAE="} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":139,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":25,"flow_packet_id":2,"flow_src_last_pkt_time":40630451,"flow_dst_last_pkt_time":40232582,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":40630451,"pkt":"AQBeAAD8CAAn5uVZCABFAAA0pMkAAAERJ+UKAAIP4AAA\/MUDFOsAIFUwgx8AAAABAAAAAAAABnB1cHBldAAAHAAB"} 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":140,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":23,"flow_packet_id":2,"flow_src_last_pkt_time":40630489,"flow_dst_last_pkt_time":40232312,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":40630489,"pkt":"AQBeAAD8CAAn5uVZCABFAAA0pMoAAAERJ+QKAAIP4AAA\/PRLFOsAIKvR\/VAAAAABAAAAAAAABnB1cHBldAAAAQAB"} 00710{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":142,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":21,"flow_packet_id":2,"flow_src_last_pkt_time":41020751,"flow_dst_last_pkt_time":40005419,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":216,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":216,"pkt_l4_len":182,"thread_ts_usec":41020751,"pkt":"AQBef\/\/6CAAn5uVZCABFAADK4KYAAAER3HMKAAIP7\/\/\/+tmcB2wAthOSTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANCk1BTjogInNzZHA6ZGlzY292ZXIiDQpNWDogMQ0KU1Q6IHVybjpkaWFsLW11bHRpc2NyZWVuLW9yZzpzZXJ2aWNlOmRpYWw6MQ0KVVNFUi1BR0VOVDogTWljcm9zb2Z0IEVkZ2UvOTkuMC4xMTUwLjMwIFdpbmRvd3MNCg0K"} 00710{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":152,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":21,"flow_packet_id":3,"flow_src_last_pkt_time":42037365,"flow_dst_last_pkt_time":40005419,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":216,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":216,"pkt_l4_len":182,"thread_ts_usec":42037365,"pkt":"AQBef\/\/6CAAn5uVZCABFAADK4KcAAAER3HIKAAIP7\/\/\/+tmcB2wAthOSTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANCk1BTjogInNzZHA6ZGlzY292ZXIiDQpNWDogMQ0KU1Q6IHVybjpkaWFsLW11bHRpc2NyZWVuLW9yZzpzZXJ2aWNlOmRpYWw6MQ0KVVNFUi1BR0VOVDogTWljcm9zb2Z0IEVkZ2UvOTkuMC4xMTUwLjMwIFdpbmRvd3MNCg0K"} -00849{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":157,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":9752466,"flow_src_last_pkt_time":17749890,"flow_dst_last_pkt_time":9752466,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":16,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":40,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":43490007,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::2","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00852{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":157,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":10750507,"flow_src_last_pkt_time":10750507,"flow_dst_last_pkt_time":10750507,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":43490007,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00853{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":157,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":0,"flow_first_seen":9752486,"flow_src_last_pkt_time":14765993,"flow_dst_last_pkt_time":9752486,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":412,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":43490007,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::16","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00836{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":157,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":9752391,"flow_src_last_pkt_time":9752391,"flow_dst_last_pkt_time":9752391,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":43490007,"l3_proto":"ip6","src_ip":"::","dst_ip":"ff02::1:ffa4:e108","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00892{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":157,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":9752466,"flow_src_last_pkt_time":17749890,"flow_dst_last_pkt_time":9752466,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":16,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":40,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":43490007,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::2","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00895{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":157,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":10750507,"flow_src_last_pkt_time":10750507,"flow_dst_last_pkt_time":10750507,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":43490007,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00896{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":157,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":0,"flow_first_seen":9752486,"flow_src_last_pkt_time":14765993,"flow_dst_last_pkt_time":9752486,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":412,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":43490007,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::16","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00879{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":157,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":9752391,"flow_src_last_pkt_time":9752391,"flow_dst_last_pkt_time":9752391,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":43490007,"l3_proto":"ip6","src_ip":"::","dst_ip":"ff02::1:ffa4:e108","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00716{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":157,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61191313,"flow_src_last_pkt_time":61191313,"flow_dst_last_pkt_time":61191313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61191313,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57619,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00474{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":157,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":26,"flow_packet_id":1,"flow_src_last_pkt_time":61191313,"flow_dst_last_pkt_time":61191313,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":44,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":44,"pkt_l4_len":10,"thread_ts_usec":61191313,"pkt":"UlQAEjUCCAAn5uVZCABFAAAegT8AAIARoX8KAAIPCgACAuETFOcACvHOAAA="} +00957{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":157,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61191313,"flow_src_last_pkt_time":61191313,"flow_dst_last_pkt_time":61191313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61191313,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57619,"dst_port":5351,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","natpmp": {"result":0,"internal_port":0,"external_port":0,"external_address":"0.0.0.0"}}} 00716{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61470563,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61470563,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57620,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00474{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_packet_id":1,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":44,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":44,"pkt_l4_len":10,"thread_ts_usec":61470563,"pkt":"UlQAEjUCCAAn5uVZCABFAAAegUAAAIARoX4KAAIPCgACAuEUFOcACvHNAAA="} +00957{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61470563,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61470563,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57620,"dst_port":5351,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","natpmp": {"result":0,"internal_port":0,"external_port":0,"external_address":"0.0.0.0"}}} 00723{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":159,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61974633,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":61974633,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61974633,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.140.63.147","src_port":50190,"dst_port":29545,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":159,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":1,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":61974633,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":61974633,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0XhVAAIAGAIEKAAIPUIw\/k8QOc2l5awyyAAAAAIAC+vAaXAAAAgQFtAEDAwgBAQQC"} 00723{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":160,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61974915,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":61974915,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61974915,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":50191,"dst_port":6778,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} @@ -132,6 +134,7 @@ 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":164,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":33,"flow_packet_id":1,"flow_src_last_pkt_time":61977895,"flow_dst_last_pkt_time":61977895,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":61977895,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0c7hAAIAGSJYKAAIPop2PycQTdELYuuv1AAAAAIAC+vA4owAAAgQFtAEDAwgBAQQC"} 00716{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":165,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61999388,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61999388,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57621,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00474{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":165,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_packet_id":1,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":44,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":44,"pkt_l4_len":10,"thread_ts_usec":61999388,"pkt":"UlQAEjUCCAAn5uVZCABFAAAegUEAAIARoX0KAAIPCgACAuEVFOcACvHMAAA="} +00957{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":165,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61999388,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61999388,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57621,"dst_port":5351,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","natpmp": {"result":0,"internal_port":0,"external_port":0,"external_address":"0.0.0.0"}}} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":166,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_packet_id":2,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":62017825,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":62017825,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAoIAAEAG5+ItQVcYCgACDz9JxBAAXcABhPHErWAS\/\/\/6VgAAAgQFtA=="} 00497{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":167,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_packet_id":2,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":62020527,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":62020527,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAoMAAEAG3txZSzQTCgACD7O6xBEAXroBd2GZhGAS\/\/+7lwAAAgQFtA=="} 00497{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":168,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":2,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":62023491,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":62023491,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAoQAAEAG3BpQjD+TCgACD3NpxA4AX7QBeWsMs2AS\/\/+J8QAAAgQFtA=="} @@ -150,15 +153,16 @@ 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":175,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":40,"flow_packet_id":1,"flow_src_last_pkt_time":63002631,"flow_dst_last_pkt_time":63002631,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":63002631,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0IqxAAIAGH9YKAAIPTnpducQZGMpcVbolAAAAAIAC+vDIfgAAAgQFtAEDAwgBAQQC"} 00716{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":176,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63029620,"flow_src_last_pkt_time":63029620,"flow_dst_last_pkt_time":63029620,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63029620,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57622,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00474{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":176,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":41,"flow_packet_id":1,"flow_src_last_pkt_time":63029620,"flow_dst_last_pkt_time":63029620,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":44,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":44,"pkt_l4_len":10,"thread_ts_usec":63029620,"pkt":"UlQAEjUCCAAn5uVZCABFAAAegUIAAIARoXwKAAIPCgACAuEWFOcACvHLAAA="} +00957{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":176,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63029620,"flow_src_last_pkt_time":63029620,"flow_dst_last_pkt_time":63029620,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63029620,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57622,"dst_port":5351,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","natpmp": {"result":0,"internal_port":0,"external_port":0,"external_address":"0.0.0.0"}}} 00497{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":177,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_packet_id":2,"flow_src_last_pkt_time":63001980,"flow_dst_last_pkt_time":63233986,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":63233986,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAoYAAEAGCJAvkzQVCgACD494xBcAY5wBOEHDT2AS\/\/882gAAAgQFtA=="} 00487{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":178,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_packet_id":3,"flow_src_last_pkt_time":63234208,"flow_dst_last_pkt_time":63233986,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":63234208,"pkt":"UlQAEjUCCAAn5uVZCABFAAAouwVAAIAG0BMKAAIPL5M0FcQXj3g4QcNPAGOcAlAQ+vBZpgAA"} 00497{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":179,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_packet_id":2,"flow_src_last_pkt_time":63000408,"flow_dst_last_pkt_time":63250328,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":63250328,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAocAAEAGiwHa+gY7CgACDzEMxBQAZJYBrKXgdGAS\/\/+SMQAAAgQFtA=="} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":180,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_packet_id":3,"flow_src_last_pkt_time":63250533,"flow_dst_last_pkt_time":63250328,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":63250533,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoLR5AAIAG4G0KAAIP2voGO8QUMQyspeB0AGSWAlAQ+vCu\/QAA"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":181,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":63001980,"flow_src_last_pkt_time":63261281,"flow_dst_last_pkt_time":63233986,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63261281,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":50199,"dst_port":36728,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":182,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":63000408,"flow_src_last_pkt_time":63261329,"flow_dst_last_pkt_time":63250328,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63261329,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.250.6.59","src_port":50196,"dst_port":12556,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":181,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":63001980,"flow_src_last_pkt_time":63261281,"flow_dst_last_pkt_time":63233986,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63261281,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":50199,"dst_port":36728,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":182,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":63000408,"flow_src_last_pkt_time":63261329,"flow_dst_last_pkt_time":63250328,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63261329,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.250.6.59","src_port":50196,"dst_port":12556,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00497{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":185,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_packet_id":2,"flow_src_last_pkt_time":63001005,"flow_dst_last_pkt_time":63297683,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":63297683,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAooAAEAG5kR2qA9HCgACDw9bxBUAZZABIZ4f2mAS\/\/9gyQAAAgQFtA=="} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":186,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_packet_id":3,"flow_src_last_pkt_time":63297867,"flow_dst_last_pkt_time":63297683,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":63297867,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoTFBAAIAGHIIKAAIPdqgPR8QVD1shnh\/aAGWQAlAQ+vB9lQAA"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":187,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":63001005,"flow_src_last_pkt_time":63309570,"flow_dst_last_pkt_time":63297683,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63309570,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":50197,"dst_port":3931,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":187,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":63001005,"flow_src_last_pkt_time":63309570,"flow_dst_last_pkt_time":63297683,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63309570,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":50197,"dst_port":3931,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00724{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":203,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":64030714,"flow_src_last_pkt_time":64030714,"flow_dst_last_pkt_time":64030714,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64030714,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":50202,"dst_port":57648,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":203,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_packet_id":1,"flow_src_last_pkt_time":64030714,"flow_dst_last_pkt_time":64030714,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":64030714,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GZhAAIAG6a4KAAIPPe6tgMQa4TAr3W0hAAAAAIAC+vA+WAAAAgQFtAEDAwgBAQQC"} 00723{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":204,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":64031460,"flow_src_last_pkt_time":64031460,"flow_dst_last_pkt_time":64031460,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64031460,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.222.160.99","src_port":50203,"dst_port":18994,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} @@ -174,10 +178,10 @@ 00487{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":209,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_packet_id":2,"flow_src_last_pkt_time":64030714,"flow_dst_last_pkt_time":64213365,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":64213365,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoApQAAP8Gwb497q2ACgACD+EwxBoAAAAAK91tIlAUAAB6CAAA"} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":210,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_packet_id":2,"flow_src_last_pkt_time":64031460,"flow_dst_last_pkt_time":64275826,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":64275826,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsApUAAEAGjec93qBjCgACD0oyxBsAZ4QBK6ojSGAS\/\/\/MHQAAAgQFtA=="} 00487{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":211,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_packet_id":3,"flow_src_last_pkt_time":64276185,"flow_dst_last_pkt_time":64275826,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":64276185,"pkt":"UlQAEjUCCAAn5uVZCABFAAAocDVAAIAGoEoKAAIPPd6gY8QbSjIrqiNIAGeEAlAQ+vDo6QAA"} -00967{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":212,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":64031460,"flow_src_last_pkt_time":64276339,"flow_dst_last_pkt_time":64275826,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64276339,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.222.160.99","src_port":50203,"dst_port":18994,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01010{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":212,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":64031460,"flow_src_last_pkt_time":64276339,"flow_dst_last_pkt_time":64275826,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64276339,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.222.160.99","src_port":50203,"dst_port":18994,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":214,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_packet_id":2,"flow_src_last_pkt_time":64032727,"flow_dst_last_pkt_time":64291117,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":64291117,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsApcAAEAGH32vtZz0CgACDyA\/xB4AaH4BbaXa1mAS\/\/+UGgAAAgQFtA=="} 00487{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":215,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_packet_id":3,"flow_src_last_pkt_time":64291318,"flow_dst_last_pkt_time":64291117,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":64291318,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoyBJAAIAG2gQKAAIPr7Wc9MQeID9tpdrWAGh+AlAQ+vCw5gAA"} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":216,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":64032727,"flow_src_last_pkt_time":64291511,"flow_dst_last_pkt_time":64291117,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":304,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64291511,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.181.156.244","src_port":50206,"dst_port":8255,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":216,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":64032727,"flow_src_last_pkt_time":64291511,"flow_dst_last_pkt_time":64291117,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":304,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":64291511,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.181.156.244","src_port":50206,"dst_port":8255,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":227,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_packet_id":3,"flow_src_last_pkt_time":64717165,"flow_dst_last_pkt_time":64213365,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":64717165,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GZlAAIAG6a0KAAIPPe6tgMQa4TAr3W0hAAAAAIAC+vA+WAAAAgQFtAEDAwgBAQQC"} 00723{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":229,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":48,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":65061127,"flow_src_last_pkt_time":65061127,"flow_dst_last_pkt_time":65061127,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65061127,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":50208,"dst_port":8683,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":229,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":48,"flow_packet_id":1,"flow_src_last_pkt_time":65061127,"flow_dst_last_pkt_time":65061127,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":65061127,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0q8tAAIAGVuYKAAIPd+10FsQgIevuSsSrAAAAAIAC+vDjCgAAAgQFtAEDAwgBAQQC"} @@ -193,12 +197,12 @@ 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":234,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":53,"flow_packet_id":1,"flow_src_last_pkt_time":65063303,"flow_dst_last_pkt_time":65063303,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":65063303,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0DWpAAIAG8s4KAAIPVXWZB8Qlw9oAc\/5TAAAAAIAC+vDyzAAAAgQFtAEDAwgBAQQC"} 00729{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":235,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":54,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":65065554,"flow_src_last_pkt_time":65065554,"flow_dst_last_pkt_time":65065554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":182,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":182,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":182,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65065554,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57623,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00722{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":235,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":54,"flow_packet_id":1,"flow_src_last_pkt_time":65065554,"flow_dst_last_pkt_time":65065554,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":224,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":224,"pkt_l4_len":190,"thread_ts_usec":65065554,"pkt":"AQBef\/\/6CAAn5uVZCABFAADS4KkAAAER3GgKAAIP7\/\/\/+uEXB2wAvizBTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANClVTRVItQUdFTlQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNSkNCk1BTjogInNzZHA6ZGlzY292ZXIiDQpTVDogdXJuOnNjaGVtYXMtdXBucC1vcmc6ZGV2aWNlOkludGVybmV0R2F0ZXdheURldmljZToyDQpNWDogMw0KDQo="} -00868{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":235,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":54,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":65065554,"flow_src_last_pkt_time":65065554,"flow_dst_last_pkt_time":65065554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":182,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":182,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":182,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65065554,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57623,"dst_port":1900,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"239.255.255.250:1900"}} +00911{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":235,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":54,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":65065554,"flow_src_last_pkt_time":65065554,"flow_dst_last_pkt_time":65065554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":182,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":182,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":182,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65065554,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57623,"dst_port":1900,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"239.255.255.250:1900"}} 00722{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":236,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":54,"flow_packet_id":2,"flow_src_last_pkt_time":65065613,"flow_dst_last_pkt_time":65065554,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":224,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":224,"pkt_l4_len":190,"thread_ts_usec":65065613,"pkt":"AQBef\/\/6CAAn5uVZCABFAADS4KoAAAER3GcKAAIP7\/\/\/+uEXB2wAvi3BTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANClVTRVItQUdFTlQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNSkNCk1BTjogInNzZHA6ZGlzY292ZXIiDQpTVDogdXJuOnNjaGVtYXMtdXBucC1vcmc6ZGV2aWNlOkludGVybmV0R2F0ZXdheURldmljZToxDQpNWDogMw0KDQo="} 00714{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":237,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":54,"flow_packet_id":3,"flow_src_last_pkt_time":65065666,"flow_dst_last_pkt_time":65065554,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":219,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":219,"pkt_l4_len":185,"thread_ts_usec":65065666,"pkt":"AQBef\/\/6CAAn5uVZCABFAADN4KsAAAER3GsKAAIP7\/\/\/+uEXB2wAuZDETS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANClVTRVItQUdFTlQ6IGd0ay1nbnV0ZWxsYS8xLjIuMiAoMjAyMi0wMi0yNSkNCk1BTjogInNzZHA6ZGlzY292ZXIiDQpTVDogdXJuOnNjaGVtYXMtdXBucC1vcmc6c2VydmljZTpXQU5JUENvbm5lY3Rpb246Mg0KTVg6IDMNCg0K"} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":241,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_packet_id":2,"flow_src_last_pkt_time":65062594,"flow_dst_last_pkt_time":65240540,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":65240540,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAp8AAEAGUxwOxwo8CgACD1uixCMAa2wB\/Z82JWAS\/\/+zDQAAAgQFtA=="} 00487{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":242,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_packet_id":3,"flow_src_last_pkt_time":65241148,"flow_dst_last_pkt_time":65240540,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":65241148,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoSFFAAIAGjW0KAAIPDscKPMQjW6L9nzYlAGtsAlAQ+vDP2QAA"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":243,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":65062594,"flow_src_last_pkt_time":65241442,"flow_dst_last_pkt_time":65240540,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65241442,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.199.10.60","src_port":50211,"dst_port":23458,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":243,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":65062594,"flow_src_last_pkt_time":65241442,"flow_dst_last_pkt_time":65240540,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":65241442,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.199.10.60","src_port":50211,"dst_port":23458,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":252,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":39,"flow_packet_id":2,"flow_src_last_pkt_time":66017540,"flow_dst_last_pkt_time":63002411,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":66017540,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xttAAIAGndgKAAIPsIDZgMQYsIr8Y98AAAAAAIAC+vCOBwAAAgQFtAEDAwgBAQQC"} 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":253,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_packet_id":2,"flow_src_last_pkt_time":66017697,"flow_dst_last_pkt_time":63001498,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":66017697,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0B1tAAIAGzIQKAAIPVoHEVMQWJrsID0+\/AAAAAIAC+vAKmwAAAgQFtAEDAwgBAQQC"} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":254,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":40,"flow_packet_id":2,"flow_src_last_pkt_time":66017738,"flow_dst_last_pkt_time":63002631,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":66017738,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Iq1AAIAGH9UKAAIPTnpducQZGMpcVbolAAAAAIAC+vDIfgAAAgQFtAEDAwgBAQQC"} @@ -252,7 +256,7 @@ 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":284,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":61,"flow_packet_id":3,"flow_src_last_pkt_time":68170325,"flow_dst_last_pkt_time":67657380,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68170325,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0k7pAAIAGcS8KAAIPJOnE4sQsDuwTBJqfAAAAAIAC+vD9iAAAAgQFtAEDAwgBAQQC"} 00497{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":286,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_packet_id":2,"flow_src_last_pkt_time":68108022,"flow_dst_last_pkt_time":68368318,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":68368318,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAqgAAEAGVIJ08aKiCgACDz09xDIAcUgB9bSpG2AS\/\/+LwQAAAgQFtA=="} 00487{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":287,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_packet_id":3,"flow_src_last_pkt_time":68368739,"flow_dst_last_pkt_time":68368318,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":68368739,"pkt":"UlQAEjUCCAAn5uVZCABFAAAobmNAAIAGaMoKAAIPdPGiosQyPT31tKkbAHFIAlAQ+vCojQAA"} -00969{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":68108022,"flow_src_last_pkt_time":68372551,"flow_dst_last_pkt_time":68368318,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":68372551,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.241.162.162","src_port":50226,"dst_port":15677,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01012{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":68108022,"flow_src_last_pkt_time":68372551,"flow_dst_last_pkt_time":68368318,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":68372551,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.241.162.162","src_port":50226,"dst_port":15677,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00487{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":290,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":69,"flow_packet_id":2,"flow_src_last_pkt_time":68109135,"flow_dst_last_pkt_time":68425030,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":68425030,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAqoAAP8GHcZv8R9gCgACDzgwxDQAAAAAU1SN+lAUAAA2vQAA"} 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":298,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":69,"flow_packet_id":3,"flow_src_last_pkt_time":68935809,"flow_dst_last_pkt_time":68425030,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":68935809,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0KIpAAIAGNtoKAAIPb\/EfYMQ0ODBTVI35AAAAAIAC+vD7DAAAAgQFtAEDAwgBAQQC"} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":299,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":57,"flow_packet_id":2,"flow_src_last_pkt_time":69076695,"flow_dst_last_pkt_time":66077768,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69076695,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ZdpAAIAGUVsKAAIPtpuA5MQoDLg79XydAAAAAIAC+vCnHQAAAgQFtAEDAwgBAQQC"} @@ -275,17 +279,17 @@ 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":311,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":78,"flow_packet_id":1,"flow_src_last_pkt_time":69142856,"flow_dst_last_pkt_time":69142856,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":69142856,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0lydAAIAGNGMKAAIPWHvKr8Q9lBZfEvXQAAAAAIAC+vCXrgAAAgQFtAEDAwgBAQQC"} 00497{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":312,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_packet_id":2,"flow_src_last_pkt_time":69142619,"flow_dst_last_pkt_time":69169021,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":69169021,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAq8AAEAGhyBdHYfRCgACDxjKxDwAczwBOuMML2AS\/\/9GjAAAAgQFtA=="} 00487{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":313,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_packet_id":3,"flow_src_last_pkt_time":69169240,"flow_dst_last_pkt_time":69169021,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":69169240,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoZ6tAAIAGoicKAAIPXR2H0cQ8GMo64wwvAHM8AlAQ+vBjWAAA"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":314,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":69142619,"flow_src_last_pkt_time":69174200,"flow_dst_last_pkt_time":69169021,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":302,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":302,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69174200,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.29.135.209","src_port":50236,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":314,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":69142619,"flow_src_last_pkt_time":69174200,"flow_dst_last_pkt_time":69169021,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":302,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":302,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69174200,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.29.135.209","src_port":50236,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":316,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_packet_id":2,"flow_src_last_pkt_time":69142400,"flow_dst_last_pkt_time":69182147,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":69182147,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsArEAAEAGyG4tWHZGCgACDxr6xDsAdDYBRmqi+GAS\/\/\/pWwAAAgQFtA=="} 00487{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":317,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_packet_id":3,"flow_src_last_pkt_time":69182344,"flow_dst_last_pkt_time":69182147,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":69182344,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoAgRAAIAGSR8KAAIPLVh2RsQ7GvpGaqL4AHQ2AlAQ+vAGKAAA"} -00965{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":318,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":69142400,"flow_src_last_pkt_time":69182494,"flow_dst_last_pkt_time":69182147,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69182494,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.118.70","src_port":50235,"dst_port":6906,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01008{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":318,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":69142400,"flow_src_last_pkt_time":69182494,"flow_dst_last_pkt_time":69182147,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69182494,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.118.70","src_port":50235,"dst_port":6906,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00497{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":327,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_packet_id":3,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":69360165,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":69360165,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsArgAAEAG3qdZSzQTCgACD7O6xBEAXroBd2GZhGAS\/\/+7lwAAAgQFtA=="} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":328,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_packet_id":3,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":69360270,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":69360270,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsArkAAEAG56stQVcYCgACDz9JxBAAXcABhPHErWAS\/\/\/6VgAAAgQFtA=="} 00497{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":329,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_packet_id":3,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":69360303,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":69360303,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAroAAEAG+PjPJqPkCgACDxp6xA8AYK4B6qFHeGAS\/\/9Z9wAAAgQFtA=="} 00497{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":330,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":3,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":69360329,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":69360329,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsArsAAEAG2+NQjD+TCgACD3NpxA4AX7QBeWsMs2AS\/\/+J8QAAAgQFtA=="} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":331,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_packet_id":2,"flow_src_last_pkt_time":69141177,"flow_dst_last_pkt_time":69360359,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":69360359,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsArwAAEAGwoS2m\/LhCgACDzrcxDgAdioBOrzIf2AS\/\/+1wgAAAgQFtA=="} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":332,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_packet_id":3,"flow_src_last_pkt_time":69360759,"flow_dst_last_pkt_time":69360359,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":69360759,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoLcFAAIAGF4MKAAIPtpvy4cQ4Otw6vMh\/AHYqAlAQ+vDSjgAA"} -00969{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":333,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":69141177,"flow_src_last_pkt_time":69361087,"flow_dst_last_pkt_time":69360359,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69361087,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.242.225","src_port":50232,"dst_port":15068,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01012{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":333,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":69141177,"flow_src_last_pkt_time":69361087,"flow_dst_last_pkt_time":69360359,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":69361087,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.242.225","src_port":50232,"dst_port":15068,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":343,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":65,"flow_packet_id":2,"flow_src_last_pkt_time":70110432,"flow_dst_last_pkt_time":67094863,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70110432,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UtFAAIAGDgYKAAIPTn0\/YcQwGMq9KdLlAAAAAIAC+vBtKAAAAgQFtAEDAwgBAQQC"} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":344,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":62,"flow_packet_id":2,"flow_src_last_pkt_time":70110576,"flow_dst_last_pkt_time":67093324,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70110576,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0faJAAIAGiKUKAAIPO2itBcQtwyRMUgplAAAAAIAC+vChmQAAAgQFtAEDAwgBAQQC"} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":345,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":64,"flow_packet_id":2,"flow_src_last_pkt_time":70110619,"flow_dst_last_pkt_time":67094277,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70110619,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0R01AAIAGN+QKAAIPdqf43MQv9oQzn2SqAAAAAIAC+vCljgAAAgQFtAEDAwgBAQQC"} @@ -314,21 +318,21 @@ 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":363,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":68,"flow_packet_id":2,"flow_src_last_pkt_time":71122842,"flow_dst_last_pkt_time":68108638,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71122842,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0K4lAAIAGtdcKAAIPb\/adXsQzx+daqkeOAAAAAIAC+vAsaAAAAgQFtAEDAwgBAQQC"} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":364,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":72,"flow_packet_id":2,"flow_src_last_pkt_time":71122875,"flow_dst_last_pkt_time":68110677,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71122875,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ZZpAAIAGsgcKAAIPTESKz8Q3sBfW5xLuAAAAAIAC+vAy2AAAAgQFtAEDAwgBAQQC"} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":365,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":71,"flow_packet_id":2,"flow_src_last_pkt_time":71122895,"flow_dst_last_pkt_time":68110208,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71122895,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0BKFAAIAGOewKAAIPSQNnJcQ2Q5DEXLK5AAAAAIAC+vA5CwAAAgQFtAEDAwgBAQQC"} -00881{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":13118832,"flow_src_last_pkt_time":15640687,"flow_dst_last_pkt_time":13118832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1073,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1073,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":12876,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63957,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00877{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":15469932,"flow_src_last_pkt_time":22405999,"flow_dst_last_pkt_time":15469932,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4368,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63964,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00868{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12446804,"flow_src_last_pkt_time":12446804,"flow_dst_last_pkt_time":12446804,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":314,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":314,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":314,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"0.0.0.0","dst_ip":"255.255.255.255","src_port":68,"dst_port":67,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00863{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12447076,"flow_src_last_pkt_time":12447076,"flow_dst_last_pkt_time":12447076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":548,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":548,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":548,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","src_port":67,"dst_port":68,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00869{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"finished","flow_src_packets_processed":15,"flow_dst_packets_processed":0,"flow_first_seen":12827507,"flow_src_last_pkt_time":41755684,"flow_dst_last_pkt_time":12827507,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":50,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":68,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":966,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":137,"dst_port":137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"NetBIOS","proto_id":"10","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -00997{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":16487243,"flow_src_last_pkt_time":16487243,"flow_dst_last_pkt_time":16487243,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":201,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} -00877{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":0,"flow_first_seen":15284358,"flow_src_last_pkt_time":23969210,"flow_dst_last_pkt_time":15284358,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":101,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":137,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63962,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -00889{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":13118724,"flow_src_last_pkt_time":15640529,"flow_dst_last_pkt_time":13118724,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1091,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1091,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":13092,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63958,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00885{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":15469659,"flow_src_last_pkt_time":21843510,"flow_dst_last_pkt_time":15469659,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4368,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63965,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00867{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529525,"flow_src_last_pkt_time":43193100,"flow_dst_last_pkt_time":12529525,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.251","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00881{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":15285641,"flow_src_last_pkt_time":21297325,"flow_dst_last_pkt_time":15285641,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":95,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":475,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63960,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -00881{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529625,"flow_src_last_pkt_time":43193303,"flow_dst_last_pkt_time":12529625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::fb","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00883{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":12461875,"flow_src_last_pkt_time":43490007,"flow_dst_last_pkt_time":12461875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":91,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":91,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":546,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:2","src_port":546,"dst_port":547,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCPV6","proto_id":"103","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00871{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529999,"flow_src_last_pkt_time":12529999,"flow_dst_last_pkt_time":12529999,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00885{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529920,"flow_src_last_pkt_time":12529920,"flow_dst_last_pkt_time":12529920,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00924{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":13118832,"flow_src_last_pkt_time":15640687,"flow_dst_last_pkt_time":13118832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1073,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1073,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":12876,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63957,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00920{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":15469932,"flow_src_last_pkt_time":22405999,"flow_dst_last_pkt_time":15469932,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4368,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63964,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00911{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12446804,"flow_src_last_pkt_time":12446804,"flow_dst_last_pkt_time":12446804,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":314,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":314,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":314,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"0.0.0.0","dst_ip":"255.255.255.255","src_port":68,"dst_port":67,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00906{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12447076,"flow_src_last_pkt_time":12447076,"flow_dst_last_pkt_time":12447076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":548,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":548,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":548,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","src_port":67,"dst_port":68,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00912{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"finished","flow_src_packets_processed":15,"flow_dst_packets_processed":0,"flow_first_seen":12827507,"flow_src_last_pkt_time":41755684,"flow_dst_last_pkt_time":12827507,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":50,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":68,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":966,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":137,"dst_port":137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"NetBIOS","proto_id":"10","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +01040{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":16487243,"flow_src_last_pkt_time":16487243,"flow_dst_last_pkt_time":16487243,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":201,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} +00920{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":0,"flow_first_seen":15284358,"flow_src_last_pkt_time":23969210,"flow_dst_last_pkt_time":15284358,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":101,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":137,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63962,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00932{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":13118724,"flow_src_last_pkt_time":15640529,"flow_dst_last_pkt_time":13118724,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1091,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1091,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":13092,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63958,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00928{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":15469659,"flow_src_last_pkt_time":21843510,"flow_dst_last_pkt_time":15469659,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4368,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63965,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00910{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529525,"flow_src_last_pkt_time":43193100,"flow_dst_last_pkt_time":12529525,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.251","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00924{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":15285641,"flow_src_last_pkt_time":21297325,"flow_dst_last_pkt_time":15285641,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":95,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":475,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63960,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00924{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529625,"flow_src_last_pkt_time":43193303,"flow_dst_last_pkt_time":12529625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::fb","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00926{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":12461875,"flow_src_last_pkt_time":43490007,"flow_dst_last_pkt_time":12461875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":91,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":91,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":546,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:2","src_port":546,"dst_port":547,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCPV6","proto_id":"103","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00914{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529999,"flow_src_last_pkt_time":12529999,"flow_dst_last_pkt_time":12529999,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00928{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529920,"flow_src_last_pkt_time":12529920,"flow_dst_last_pkt_time":12529920,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71122895,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00723{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":89,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71203227,"flow_src_last_pkt_time":71203227,"flow_dst_last_pkt_time":71203227,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71203227,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50244,"dst_port":63978,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":89,"flow_packet_id":1,"flow_src_last_pkt_time":71203227,"flow_dst_last_pkt_time":71203227,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71203227,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0c0JAAIAGin4KAAIPvD00t8RE+erRmdziAAAAAIAC+vAKcAAAAgQFtAEDAwgBAQQC"} 00723{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":367,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71204033,"flow_src_last_pkt_time":71204033,"flow_dst_last_pkt_time":71204033,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71204033,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.62.225.181","src_port":50245,"dst_port":46843,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} @@ -343,10 +347,10 @@ 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":371,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_packet_id":1,"flow_src_last_pkt_time":71205609,"flow_dst_last_pkt_time":71205609,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71205609,"pkt":"UlQAEjUCCAAn5uVZCABFAAA08yJAAIAG8AwKAAIPVtC0tcRJszsghBY3AAAAAIAC+vCuSgAAAgQFtAEDAwgBAQQC"} 00687{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":372,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71216656,"flow_src_last_pkt_time":71216656,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71216656,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3} 00512{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":372,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_packet_id":1,"flow_src_last_pkt_time":71216656,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":71216656,"pkt":"CAAn5uVZUlQAEjUCCABFwAA4AsYAAP8BoC4KAAICCgACDwMBntkAAAAARQAANGWZQAB\/BrMICgACD0xEis\/EN7AX1ucS7g=="} -00812{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":372,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71216656,"flow_src_last_pkt_time":71216656,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71216656,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":4.521641}} +00855{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":372,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71216656,"flow_src_last_pkt_time":71216656,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71216656,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":4.521641}} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":373,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_packet_id":2,"flow_src_last_pkt_time":71205609,"flow_dst_last_pkt_time":71312602,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":71312602,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAscAAEAGYHFW0LS1CgACD7M7xEkAehIBIIQWOGAS\/\/+\/xQAAAgQFtA=="} 00487{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":374,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_packet_id":3,"flow_src_last_pkt_time":71312945,"flow_dst_last_pkt_time":71312602,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":71312945,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo8yNAAIAG8BcKAAIPVtC0tcRJszsghBY4AHoSAlAQ+vDckQAA"} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":375,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":71205609,"flow_src_last_pkt_time":71313221,"flow_dst_last_pkt_time":71312602,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":303,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":303,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71313221,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.208.180.181","src_port":50249,"dst_port":45883,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":375,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":71205609,"flow_src_last_pkt_time":71313221,"flow_dst_last_pkt_time":71312602,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":303,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":303,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71313221,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.208.180.181","src_port":50249,"dst_port":45883,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00725{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":381,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":96,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535614,"flow_src_last_pkt_time":71535614,"flow_dst_last_pkt_time":71535614,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71535614,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.160.214.137","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":381,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":96,"flow_packet_id":1,"flow_src_last_pkt_time":71535614,"flow_dst_last_pkt_time":71535614,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71535614,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gnYAAIARfQoKAAIPWKDWiXAJGMoAINufR05EED6TAQFUC1FLUlAGUk5BXS\/iNQlw"} 00725{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":382,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":97,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535977,"flow_src_last_pkt_time":71535977,"flow_dst_last_pkt_time":71535977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71535977,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":28681,"dst_port":49046,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -395,7 +399,7 @@ 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":403,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_packet_id":1,"flow_src_last_pkt_time":71541038,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71541038,"pkt":"UlQAEjUCCAAn5uVZCABFAAA02U0AAIAREUUKAAIPBbQ+ZHAJtTEAICo0R05EED6pAQFUC1FLUlAGUk5BXS\/iNQlw"} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":405,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_packet_id":2,"flow_src_last_pkt_time":71205274,"flow_dst_last_pkt_time":71605139,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":71605139,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAswAAEAGY0Nt1prYCgACDxjKxEgAewwBHNfF\/mAS\/\/+29AAAAgQFtA=="} 00487{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":406,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_packet_id":3,"flow_src_last_pkt_time":71605439,"flow_dst_last_pkt_time":71605139,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":71605439,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo5AxAAIAGAgYKAAIPbdaa2MRIGMoc18X+AHsMAlAQ+vDTwAAA"} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":71205274,"flow_src_last_pkt_time":71608015,"flow_dst_last_pkt_time":71605139,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":304,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71608015,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.214.154.216","src_port":50248,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":71205274,"flow_src_last_pkt_time":71608015,"flow_dst_last_pkt_time":71605139,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":304,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71608015,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.214.154.216","src_port":50248,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":411,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_packet_id":3,"flow_src_last_pkt_time":72031634,"flow_dst_last_pkt_time":63001498,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72031634,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0B1xAAIAGzIMKAAIPVoHEVMQWJrsID0+\/AAAAAIAC+vAKmwAAAgQFtAEDAwgBAQQC"} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":412,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":39,"flow_packet_id":3,"flow_src_last_pkt_time":72031726,"flow_dst_last_pkt_time":63002411,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72031726,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xtxAAIAGndcKAAIPsIDZgMQYsIr8Y98AAAAAAIAC+vCOBwAAAgQFtAEDAwgBAQQC"} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":413,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":40,"flow_packet_id":3,"flow_src_last_pkt_time":72031755,"flow_dst_last_pkt_time":63002631,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72031755,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Iq5AAIAGH9QKAAIPTnpducQZGMpcVbolAAAAAIAC+vDIfgAAAgQFtAEDAwgBAQQC"} @@ -414,13 +418,13 @@ 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":421,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":123,"flow_packet_id":1,"flow_src_last_pkt_time":72267129,"flow_dst_last_pkt_time":72267129,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72267129,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gnJAAIAGzTgKAAIPGE6GvMROv5bJBoRLAAAAAIAC+vD3zgAAAgQFtAEDAwgBAQQC"} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":422,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_packet_id":2,"flow_src_last_pkt_time":72264816,"flow_dst_last_pkt_time":72462483,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":72462483,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAs8AAEAGtlsbXpo1CgACDxjKxEoAfQABvj80X2AS\/\/8GQwAAAgQFtA=="} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":423,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_packet_id":3,"flow_src_last_pkt_time":72462904,"flow_dst_last_pkt_time":72462483,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":72462904,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoalRAAIAGztkKAAIPG16aNcRKGMq+PzRfAH0AAlAQ+vAjDwAA"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":424,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":72264816,"flow_src_last_pkt_time":72463250,"flow_dst_last_pkt_time":72462483,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72463250,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"27.94.154.53","src_port":50250,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":424,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":72264816,"flow_src_last_pkt_time":72463250,"flow_dst_last_pkt_time":72462483,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72463250,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"27.94.154.53","src_port":50250,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":426,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_packet_id":2,"flow_src_last_pkt_time":72266136,"flow_dst_last_pkt_time":72471836,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":72471836,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAtEAAEAG0LF7yh9xCgACD004xEwAfvQBVTNjAWAS\/\/8ykwAAAgQFtA=="} 00489{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":427,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_packet_id":3,"flow_src_last_pkt_time":72472109,"flow_dst_last_pkt_time":72471836,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":72472109,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoVqZAAIAG\/N8KAAIPe8ofccRMTThVM2MBAH70AlAQ+vBPXwAA"} -00969{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":428,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":72266136,"flow_src_last_pkt_time":72472350,"flow_dst_last_pkt_time":72471836,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72472350,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.202.31.113","src_port":50252,"dst_port":19768,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01012{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":428,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":72266136,"flow_src_last_pkt_time":72472350,"flow_dst_last_pkt_time":72471836,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72472350,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.202.31.113","src_port":50252,"dst_port":19768,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":433,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_packet_id":2,"flow_src_last_pkt_time":72266629,"flow_dst_last_pkt_time":72595583,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":72595583,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAtUAAEAGmJxn6GtkCgACD6n0xE0Af+4BiO6DFWAS\/\/9P9AAAAgQFtA=="} 00489{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":434,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_packet_id":3,"flow_src_last_pkt_time":72596109,"flow_dst_last_pkt_time":72595583,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":72596109,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo0UVAAIAGSi8KAAIPZ+hrZMRNqfSI7oMVAH\/uAlAQ+vBswAAA"} -00970{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":435,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":72266629,"flow_src_last_pkt_time":72596459,"flow_dst_last_pkt_time":72595583,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72596459,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":50253,"dst_port":43508,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01013{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":435,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":72266629,"flow_src_last_pkt_time":72596459,"flow_dst_last_pkt_time":72595583,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72596459,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":50253,"dst_port":43508,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00725{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":450,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":124,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72848739,"flow_src_last_pkt_time":72848739,"flow_dst_last_pkt_time":72848739,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72848739,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"170.254.19.6","src_port":28681,"dst_port":24180,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":450,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":124,"flow_packet_id":1,"flow_src_last_pkt_time":72848739,"flow_dst_last_pkt_time":72848739,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72848739,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0XAwAAIARFJoKAAIPqv4TBnAJXnQAIAcER05EED6qAQFUC1FLUlAGUk5BXS\/iNQlw"} 00726{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":451,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":125,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72849111,"flow_src_last_pkt_time":72849111,"flow_dst_last_pkt_time":72849111,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72849111,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.92.178.182","src_port":28681,"dst_port":57302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -496,10 +500,10 @@ 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":506,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_packet_id":1,"flow_src_last_pkt_time":74329162,"flow_dst_last_pkt_time":74329162,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":74329162,"pkt":"UlQAEjUCCAAn5uVZCABFAAA07XNAAIAG0w0KAAIPUD3d9sRWd3H5FzmMAAAAAIAC+vDLcAAAAgQFtAEDAwgBAQQC"} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":507,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_packet_id":2,"flow_src_last_pkt_time":74329162,"flow_dst_last_pkt_time":74362174,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":74362174,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAuYAAEAGPaRQPd32CgACD3dxxFYAg9YB+Rc5jWAS\/\/8Y4gAAAgQFtA=="} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":508,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_packet_id":3,"flow_src_last_pkt_time":74362581,"flow_dst_last_pkt_time":74362174,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":74362581,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo7XRAAIAG0xgKAAIPUD3d9sRWd3H5FzmNAIPWAlAQ+vA1rgAA"} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":509,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":74329162,"flow_src_last_pkt_time":74362905,"flow_dst_last_pkt_time":74362174,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":74362905,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":50262,"dst_port":30577,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":509,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":74329162,"flow_src_last_pkt_time":74362905,"flow_dst_last_pkt_time":74362174,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":74362905,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":50262,"dst_port":30577,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":517,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_packet_id":2,"flow_src_last_pkt_time":74327445,"flow_dst_last_pkt_time":74510418,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":74510418,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAuwAAEAGWa63s1pwCgACDyZ8xFMAhNABNL0aJWAS\/\/9vrAAAAgQFtA=="} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":518,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_packet_id":3,"flow_src_last_pkt_time":74510790,"flow_dst_last_pkt_time":74510418,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":74510790,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo4oxAAIAG+hAKAAIPt7NacMRTJnw0vRolAITQAlAQ+vCMeAAA"} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":519,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":74327445,"flow_src_last_pkt_time":74511118,"flow_dst_last_pkt_time":74510418,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":74511118,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.90.112","src_port":50259,"dst_port":9852,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":519,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":74327445,"flow_src_last_pkt_time":74511118,"flow_dst_last_pkt_time":74510418,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":74511118,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.90.112","src_port":50259,"dst_port":9852,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":527,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":57,"flow_packet_id":3,"flow_src_last_pkt_time":75077028,"flow_dst_last_pkt_time":66077768,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75077028,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ZdtAAIAGUVoKAAIPtpuA5MQoDLg79XydAAAAAIAC+vCnHQAAAgQFtAEDAwgBAQQC"} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":528,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":55,"flow_packet_id":3,"flow_src_last_pkt_time":75077158,"flow_dst_last_pkt_time":66076724,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75077158,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0FTlAAIAG3SgKAAIPUMGrksQm0jCYt6bIAAAAAIAC+vCV5QAAAgQFtAEDAwgBAQQC"} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":529,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":58,"flow_packet_id":3,"flow_src_last_pkt_time":75077234,"flow_dst_last_pkt_time":66078256,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75077234,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0d8RAAIAGrlIKAAIPcfxWosQp1q4KULlcAAAAAIAC+vBA7QAAAgQFtAEDAwgBAQQC"} @@ -518,7 +522,7 @@ 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":539,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":153,"flow_packet_id":1,"flow_src_last_pkt_time":75359834,"flow_dst_last_pkt_time":75359834,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":75359834,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0DLlAAIAGV04KAAIP20avZ8RaENsT5fMFAAAAAIAC+vABQgAAAgQFtAEDAwgBAQQC"} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":540,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_packet_id":2,"flow_src_last_pkt_time":74328635,"flow_dst_last_pkt_time":75482520,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":75482520,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAvIAAEAGpZCcOSoCCgACD4LExFUAh74BMu52DGAS\/\/8XLwAAAgQFtA=="} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":541,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_packet_id":3,"flow_src_last_pkt_time":75482943,"flow_dst_last_pkt_time":75482520,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":75482943,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoZAVAAIAGxIAKAAIPnDkqAsRVgsQy7nYMAIe+AlAQ+vAz+wAA"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":542,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":74328635,"flow_src_last_pkt_time":75501507,"flow_dst_last_pkt_time":75482520,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":597,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":597,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":75501507,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"156.57.42.2","src_port":50261,"dst_port":33476,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":542,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":74328635,"flow_src_last_pkt_time":75501507,"flow_dst_last_pkt_time":75482520,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":597,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":597,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":75501507,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"156.57.42.2","src_port":50261,"dst_port":33476,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00489{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":545,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":153,"flow_packet_id":2,"flow_src_last_pkt_time":75359834,"flow_dst_last_pkt_time":75731769,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":75731769,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAvQAAP8GIh\/bRq9nCgACDxDbxFoAAAAAE+XzBlAUAAA88gAA"} 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":546,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":65,"flow_packet_id":3,"flow_src_last_pkt_time":76122465,"flow_dst_last_pkt_time":67094863,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":76122465,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UtJAAIAGDgUKAAIPTn0\/YcQwGMq9KdLlAAAAAIAC+vBtKAAAAgQFtAEDAwgBAQQC"} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":547,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":64,"flow_packet_id":3,"flow_src_last_pkt_time":76122571,"flow_dst_last_pkt_time":67094277,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":76122571,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0R05AAIAGN+MKAAIPdqf43MQv9oQzn2SqAAAAAIAC+vCljgAAAgQFtAEDAwgBAQQC"} @@ -539,7 +543,7 @@ 00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":565,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":151,"flow_packet_id":2,"flow_src_last_pkt_time":78374120,"flow_dst_last_pkt_time":75358813,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":78374120,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GYhAAIAGqN8KAAIPXwrNQ8RYvPy3IUp\/AAAAAIAC+vC4zAAAAgQFtAEDAwgBAQQC"} 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":566,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":150,"flow_packet_id":2,"flow_src_last_pkt_time":78374257,"flow_dst_last_pkt_time":75358059,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":78374257,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xOdAAIAGV+0KAAIPSbaIKsRXbOGIdOVZAAAAAIAC+vD3KAAAAgQFtAEDAwgBAQQC"} 00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":567,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":152,"flow_packet_id":2,"flow_src_last_pkt_time":78374291,"flow_dst_last_pkt_time":75359352,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":78374291,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0bsZAAIAGE88KAAIPcf\/6IMRZzacG03PuAAAAAIAC+vDvLQAAAgQFtAEDAwgBAQQC"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":570,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":1,"flow_first_seen":63001498,"flow_src_last_pkt_time":78517708,"flow_dst_last_pkt_time":78516421,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":78517708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":50198,"dst_port":9915,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":570,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":1,"flow_first_seen":63001498,"flow_src_last_pkt_time":78517708,"flow_dst_last_pkt_time":78516421,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":78517708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":50198,"dst_port":9915,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":577,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":79,"flow_packet_id":3,"flow_src_last_pkt_time":79200890,"flow_dst_last_pkt_time":70170653,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":79200890,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0KchAAIAGHhYKAAIPfNop\/cQ+5wgF3IcnAAAAAIAC+vCI7gAAAgQFtAEDAwgBAQQC"} 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":578,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":84,"flow_packet_id":3,"flow_src_last_pkt_time":79201010,"flow_dst_last_pkt_time":70172719,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":79201010,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UW1AAIAGasEKAAIPsIqB\/MRDbToYK0huAAAAAIAC+vCjcgAAAgQFtAEDAwgBAQQC"} 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":579,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":80,"flow_packet_id":3,"flow_src_last_pkt_time":79201060,"flow_dst_last_pkt_time":70171206,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":79201060,"pkt":"UlQAEjUCCAAn5uVZCABFAAA01kRAAIAGdAUKAAIPcGk0AsQ\/GPASVmSCAAAAAIAC+vBvnQAAAgQFtAEDAwgBAQQC"} @@ -551,10 +555,10 @@ 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":585,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":89,"flow_packet_id":3,"flow_src_last_pkt_time":80232155,"flow_dst_last_pkt_time":71203227,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":80232155,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0c0RAAIAGinwKAAIPvD00t8RE+erRmdziAAAAAIAC+vAKcAAAAgQFtAEDAwgBAQQC"} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":586,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_packet_id":3,"flow_src_last_pkt_time":80232165,"flow_dst_last_pkt_time":71204033,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":80232165,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0I3VAAIAGoEwKAAIPST7htcRFtvuqIJp6AAAAAIAC+vB9QAAAAgQFtAEDAwgBAQQC"} 00513{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":587,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_packet_id":2,"flow_src_last_pkt_time":80247614,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":80247614,"pkt":"CAAn5uVZUlQAEjUCCABFwAA4AvwAAP8Bn\/gKAAICCgACDwMBntkAAAAARQAANGWbQAB\/BrMGCgACD0xEis\/EN7AX1ucS7g=="} -00849{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":588,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":9752466,"flow_src_last_pkt_time":17749890,"flow_dst_last_pkt_time":9752466,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":16,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":40,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":80247614,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::2","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00852{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":588,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":10750507,"flow_src_last_pkt_time":10750507,"flow_dst_last_pkt_time":10750507,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":80247614,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00853{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":588,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":0,"flow_first_seen":9752486,"flow_src_last_pkt_time":14765993,"flow_dst_last_pkt_time":9752486,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":412,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":80247614,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::16","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00836{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":588,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":9752391,"flow_src_last_pkt_time":9752391,"flow_dst_last_pkt_time":9752391,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":80247614,"l3_proto":"ip6","src_ip":"::","dst_ip":"ff02::1:ffa4:e108","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00892{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":588,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":9752466,"flow_src_last_pkt_time":17749890,"flow_dst_last_pkt_time":9752466,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":16,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":40,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":80247614,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::2","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00895{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":588,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":10750507,"flow_src_last_pkt_time":10750507,"flow_dst_last_pkt_time":10750507,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":80247614,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00896{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":588,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":0,"flow_first_seen":9752486,"flow_src_last_pkt_time":14765993,"flow_dst_last_pkt_time":9752486,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":412,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":80247614,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::16","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00879{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":588,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":9752391,"flow_src_last_pkt_time":9752391,"flow_dst_last_pkt_time":9752391,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":80247614,"l3_proto":"ip6","src_ip":"::","dst_ip":"ff02::1:ffa4:e108","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":588,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":123,"flow_packet_id":3,"flow_src_last_pkt_time":81278710,"flow_dst_last_pkt_time":72267129,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":81278710,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gnRAAIAGzTYKAAIPGE6GvMROv5bJBoRLAAAAAIAC+vD3zgAAAgQFtAEDAwgBAQQC"} 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":589,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":120,"flow_packet_id":3,"flow_src_last_pkt_time":81294293,"flow_dst_last_pkt_time":72265587,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":81294293,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0cvlAAIAGYVIKAAIPGH8B68RLk7Zj+37vAAAAAIAC+vASugAAAgQFtAEDAwgBAQQC"} 00728{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":593,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":154,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82057279,"flow_src_last_pkt_time":82057279,"flow_dst_last_pkt_time":82057279,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82057279,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"174.115.111.224","src_port":28681,"dst_port":51984,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -700,7 +704,7 @@ 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":675,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_packet_id":1,"flow_src_last_pkt_time":83805549,"flow_dst_last_pkt_time":83805549,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":83805549,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0d8ZAAIAGrlAKAAIPcfxWosRbJBfMcOElAAAAAIAC+vAJaQAAAgQFtAEDAwgBAQQC"} 00500{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":676,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_packet_id":2,"flow_src_last_pkt_time":83805549,"flow_dst_last_pkt_time":84026178,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":84026178,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAwcAAEAGoxhx\/FaiCgACDyQXxFsAmFgBzHDhJmAS\/\/\/UxQAAAgQFtA=="} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":677,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_packet_id":3,"flow_src_last_pkt_time":84026741,"flow_dst_last_pkt_time":84026178,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":84026741,"pkt":"UlQAEjUCCAAn5uVZCABFAAAod8dAAIAGrlsKAAIPcfxWosRbJBfMcOEmAJhYAlAQ+vDxkQAA"} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":678,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":83805549,"flow_src_last_pkt_time":84027383,"flow_dst_last_pkt_time":84026178,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":84027383,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":50267,"dst_port":9239,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":678,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":83805549,"flow_src_last_pkt_time":84027383,"flow_dst_last_pkt_time":84026178,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":84027383,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":50267,"dst_port":9239,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":685,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":151,"flow_packet_id":3,"flow_src_last_pkt_time":84388160,"flow_dst_last_pkt_time":75358813,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":84388160,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GYlAAIAGqN4KAAIPXwrNQ8RYvPy3IUp\/AAAAAIAC+vC4zAAAAgQFtAEDAwgBAQQC"} 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":686,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":150,"flow_packet_id":3,"flow_src_last_pkt_time":84388275,"flow_dst_last_pkt_time":75358059,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":84388275,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xOhAAIAGV+wKAAIPSbaIKsRXbOGIdOVZAAAAAIAC+vD3KAAAAgQFtAEDAwgBAQQC"} 00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":687,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":152,"flow_packet_id":3,"flow_src_last_pkt_time":84388302,"flow_dst_last_pkt_time":75359352,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":84388302,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0bsdAAIAGE84KAAIPcf\/6IMRZzacG03PuAAAAAIAC+vDvLQAAAgQFtAEDAwgBAQQC"} @@ -714,10 +718,10 @@ 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":691,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":225,"flow_packet_id":1,"flow_src_last_pkt_time":84593690,"flow_dst_last_pkt_time":84593690,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":84593690,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0KpdAAIAGI14KAAIP2qTGG8Rf6yo8NHW4AAAAAIAC+vBl2QAAAgQFtAEDAwgBAQQC"} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":692,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_packet_id":2,"flow_src_last_pkt_time":84592023,"flow_dst_last_pkt_time":84824113,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":84824113,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAwwAAEAGn4vS0flUCgACD2CvxFwAmkwBaX1M0WAS\/\/+X6wAAAgQFtA=="} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":693,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_packet_id":3,"flow_src_last_pkt_time":84824601,"flow_dst_last_pkt_time":84824113,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":84824601,"pkt":"UlQAEjUCCAAn5uVZCABFAAAov8FAAIAGYtkKAAIP0tH5VMRcYK9pfUzRAJpMAlAQ+vC0twAA"} -00969{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":694,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":84592023,"flow_src_last_pkt_time":84825826,"flow_dst_last_pkt_time":84824113,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":84825826,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"210.209.249.84","src_port":50268,"dst_port":24751,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01012{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":694,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":84592023,"flow_src_last_pkt_time":84825826,"flow_dst_last_pkt_time":84824113,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":84825826,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"210.209.249.84","src_port":50268,"dst_port":24751,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":696,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_packet_id":2,"flow_src_last_pkt_time":84592660,"flow_dst_last_pkt_time":84862906,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":84862906,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAw4AAEAGBkbaZ4sCCgACDwxyxF0Am0YBMJyEhWAS\/\/9aEAAAAgQFtA=="} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":697,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_packet_id":3,"flow_src_last_pkt_time":84863146,"flow_dst_last_pkt_time":84862906,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":84863146,"pkt":"UlQAEjUCCAAn5uVZCABFAAAosEBAAIAG2RYKAAIP2meLAsRdDHIwnISFAJtGAlAQ+vB23AAA"} -00967{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":698,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":84592660,"flow_src_last_pkt_time":84863568,"flow_dst_last_pkt_time":84862906,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":84863568,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":50269,"dst_port":3186,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01010{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":698,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":84592660,"flow_src_last_pkt_time":84863568,"flow_dst_last_pkt_time":84862906,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":84863568,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":50269,"dst_port":3186,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00723{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":710,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":226,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":85607249,"flow_src_last_pkt_time":85607249,"flow_dst_last_pkt_time":85607249,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":85607249,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.172.184.48","src_port":50272,"dst_port":13298,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} 00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":710,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":226,"flow_packet_id":1,"flow_src_last_pkt_time":85607249,"flow_dst_last_pkt_time":85607249,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":85607249,"pkt":"UlQAEjUCCAAn5uVZCABFAAA07jxAAIAGRpwKAAIPAay4MMRgM\/L4VuGpAAAAAIAC+vDb4AAAAgQFtAEDAwgBAQQC"} 00724{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":711,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":85607568,"flow_src_last_pkt_time":85607568,"flow_dst_last_pkt_time":85607568,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":85607568,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.179.18.242","src_port":50273,"dst_port":47329,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} @@ -760,10 +764,10 @@ 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":743,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":241,"flow_packet_id":1,"flow_src_last_pkt_time":88706114,"flow_dst_last_pkt_time":88706114,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":88706114,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0QYJAAIAGx78KAAIPYteCnMRvMHWjnzXtAAAAAIAC+vC0KwAAAgQFtAEDAwgBAQQC"} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":746,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_packet_id":2,"flow_src_last_pkt_time":88704875,"flow_dst_last_pkt_time":88816649,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":88816649,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAyoAAEAGurFLhWVdCgACD8yPxG0AoxYBwnfwg2AS\/\/+AiAAAAgQFtA=="} 00490{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":747,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_packet_id":3,"flow_src_last_pkt_time":88816906,"flow_dst_last_pkt_time":88816649,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":88816906,"pkt":"UlQAEjUCCAAn5uVZCABFAAAocclAAIAGzBUKAAIPS4VlXcRtzI\/Cd\/CDAKMWAlAQ+vCdVAAA"} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":748,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":88704875,"flow_src_last_pkt_time":88817129,"flow_dst_last_pkt_time":88816649,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":88817129,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":50285,"dst_port":52367,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":748,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":88704875,"flow_src_last_pkt_time":88817129,"flow_dst_last_pkt_time":88816649,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":88817129,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":50285,"dst_port":52367,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":750,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_packet_id":2,"flow_src_last_pkt_time":88704150,"flow_dst_last_pkt_time":88832463,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":88832463,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAywAAEAGIK1onOJICgACD9AKxGwApBABxlioc2AS\/\/8tOgAAAgQFtA=="} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":751,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_packet_id":3,"flow_src_last_pkt_time":88832860,"flow_dst_last_pkt_time":88832463,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":88832860,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo5t9AAIAGvPwKAAIPaJziSMRs0ArGWKhzAKQQAlAQ+vBKBgAA"} -00969{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":752,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":88704150,"flow_src_last_pkt_time":88833232,"flow_dst_last_pkt_time":88832463,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":88833232,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":50284,"dst_port":53258,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01012{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":752,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":88704150,"flow_src_last_pkt_time":88833232,"flow_dst_last_pkt_time":88832463,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":88833232,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":50284,"dst_port":53258,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00511{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":754,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_packet_id":3,"flow_src_last_pkt_time":88897406,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":88897406,"pkt":"CAAn5uVZUlQAEjUCCABFwAA4Ay4AAP8Bn8YKAAICCgACDwMBvHoAAAAARQAANFAnQAB\/BsDKCgACD3p1ZE7EYyMyoRe31g=="} 00726{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":758,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":88941886,"flow_src_last_pkt_time":88941886,"flow_dst_last_pkt_time":88941886,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":88941886,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":28681,"dst_port":52367,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00513{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":758,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":242,"flow_packet_id":1,"flow_src_last_pkt_time":88941886,"flow_dst_last_pkt_time":88941886,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":88941886,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4ccwAAIARC\/gKAAIPS4VlXXAJzI8AJKBHjeQxAkkpJRz\/KX356SYEAwABAAUAAADDglFLQA=="} @@ -783,71 +787,71 @@ 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":784,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":245,"flow_packet_id":1,"flow_src_last_pkt_time":89733458,"flow_dst_last_pkt_time":89733458,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":89733458,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0nYFAAIAGGXcKAAIPSsPs+cRxSH3g2g3bAAAAAIAC+vA0rwAAAgQFtAEDAwgBAQQC"} 00725{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":786,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89829104,"flow_src_last_pkt_time":89829104,"flow_dst_last_pkt_time":89829104,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89829104,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":786,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_packet_id":1,"flow_src_last_pkt_time":89829104,"flow_dst_last_pkt_time":89829104,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":89829104,"pkt":"UlQAEjUCCAAn5uVZCABFAABtBGAAAIARhQ4KAAIPYEFEwnAJipkAWRiep7MxAim3LsYw33fFcko2zkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00965{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":786,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89829104,"flow_src_last_pkt_time":89829104,"flow_dst_last_pkt_time":89829104,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89829104,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01008{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":786,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89829104,"flow_src_last_pkt_time":89829104,"flow_dst_last_pkt_time":89829104,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89829104,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00726{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":787,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89829259,"flow_src_last_pkt_time":89829259,"flow_dst_last_pkt_time":89829259,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89829259,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.84.178.16","src_port":28681,"dst_port":60262,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":787,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_packet_id":1,"flow_src_last_pkt_time":89829259,"flow_dst_last_pkt_time":89829259,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":89829259,"pkt":"UlQAEjUCCAAn5uVZCABFAABtYHgAAIARZpQKAAIPtVSyEHAJ62YAWWkRdMAxAjueygYrMQV+6lVI4UQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":787,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89829259,"flow_src_last_pkt_time":89829259,"flow_dst_last_pkt_time":89829259,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89829259,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.84.178.16","src_port":28681,"dst_port":60262,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":787,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89829259,"flow_src_last_pkt_time":89829259,"flow_dst_last_pkt_time":89829259,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89829259,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.84.178.16","src_port":28681,"dst_port":60262,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00726{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":788,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":89829492,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89829492,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":788,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_packet_id":1,"flow_src_last_pkt_time":89829492,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":89829492,"pkt":"UlQAEjUCCAAn5uVZCABFAABtDeAAAIARAL4KAAIPQh7dtXAJLuwAWQScCKYxAn7wSVwJearIKZuX\/UQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":788,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":89829492,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89829492,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":788,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":89829492,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89829492,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01458{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":789,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_packet_id":2,"flow_src_last_pkt_time":89829104,"flow_dst_last_pkt_time":89964910,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":89964910,"pkt":"CAAn5uVZUlQAEjUCCABFAALzAzsAAEARw61gQUTCCgACD4qZcAkC3\/jzp7MxAim3LsYw33fFcko2zkQAAMACAAAGR1RLRwAAKfRYs\/Fa1CmeYJshGT65b9iJmmUEYEFEwoqZAQAAAARL51cQFEdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqg=="} 00725{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":790,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89966123,"flow_src_last_pkt_time":89966123,"flow_dst_last_pkt_time":89966123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89966123,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.218","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":790,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":249,"flow_packet_id":1,"flow_src_last_pkt_time":89966123,"flow_dst_last_pkt_time":89966123,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":89966123,"pkt":"UlQAEjUCCAAn5uVZCABFAABthPwAAIARBkMKAAIPLVh12nAJGv0AWWOTCPExAoCeF40w0KwTJyzTOUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00965{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":790,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89966123,"flow_src_last_pkt_time":89966123,"flow_dst_last_pkt_time":89966123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89966123,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.218","src_port":28681,"dst_port":6909,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01008{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":790,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89966123,"flow_src_last_pkt_time":89966123,"flow_dst_last_pkt_time":89966123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89966123,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.218","src_port":28681,"dst_port":6909,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00726{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":791,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89966706,"flow_src_last_pkt_time":89966706,"flow_dst_last_pkt_time":89966706,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89966706,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":791,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_packet_id":1,"flow_src_last_pkt_time":89966706,"flow_dst_last_pkt_time":89966706,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":89966706,"pkt":"UlQAEjUCCAAn5uVZCABFAABteN4AAIAR6HgKAAIPM0SZ1nAJZo0AWRfF0U0xAgQATbK3Z+3BHrxn1kQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":791,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89966706,"flow_src_last_pkt_time":89966706,"flow_dst_last_pkt_time":89966706,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89966706,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":791,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89966706,"flow_src_last_pkt_time":89966706,"flow_dst_last_pkt_time":89966706,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89966706,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00727{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":792,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89967108,"flow_src_last_pkt_time":89967108,"flow_dst_last_pkt_time":89967108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89967108,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.203.218.92","src_port":28681,"dst_port":56962,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":792,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":251,"flow_packet_id":1,"flow_src_last_pkt_time":89967108,"flow_dst_last_pkt_time":89967108,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":89967108,"pkt":"UlQAEjUCCAAn5uVZCABFAABtv\/sAAIAR2k0KAAIPucvaXHAJ3oIAWehILgsxAjPZohvFNPL\/fzMDzUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00967{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":792,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89967108,"flow_src_last_pkt_time":89967108,"flow_dst_last_pkt_time":89967108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89967108,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.203.218.92","src_port":28681,"dst_port":56962,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01010{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":792,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89967108,"flow_src_last_pkt_time":89967108,"flow_dst_last_pkt_time":89967108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89967108,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.203.218.92","src_port":28681,"dst_port":56962,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01456{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":793,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_packet_id":2,"flow_src_last_pkt_time":89966706,"flow_dst_last_pkt_time":90003667,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":90003667,"pkt":"CAAn5uVZUlQAEjUCCABFAALzAzwAAEARm5UzRJnWCgACD2aNcAkC356C0U0xAgQATbK3Z+3BHrxn1kQAAMACAAAGR1RLRwAAP8uu0MEeyu8HazDjgCpjZAKtBhAEM0SZ1maNAQAAAAT9K4fbFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqg=="} 00726{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":794,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90004820,"flow_src_last_pkt_time":90004820,"flow_dst_last_pkt_time":90004820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90004820,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.140.120.41","src_port":28681,"dst_port":47739,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":794,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":252,"flow_packet_id":1,"flow_src_last_pkt_time":90004820,"flow_dst_last_pkt_time":90004820,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90004820,"pkt":"UlQAEjUCCAAn5uVZCABFAABtaUEAAIARBHsKAAIPSIx4KXAJunsAWfVM+10xAo9f69NRsDNb4\/pKE0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":794,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90004820,"flow_src_last_pkt_time":90004820,"flow_dst_last_pkt_time":90004820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90004820,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.140.120.41","src_port":28681,"dst_port":47739,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":794,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90004820,"flow_src_last_pkt_time":90004820,"flow_dst_last_pkt_time":90004820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90004820,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.140.120.41","src_port":28681,"dst_port":47739,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00727{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":795,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90005045,"flow_src_last_pkt_time":90005045,"flow_dst_last_pkt_time":90005045,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90005045,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":795,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_packet_id":1,"flow_src_last_pkt_time":90005045,"flow_dst_last_pkt_time":90005045,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90005045,"pkt":"UlQAEjUCCAAn5uVZCABFAABtgogAAIAR60AKAAIPwSX\/gnAJ8LAAWXkqrf0xAupVi8ylWZxhuwdOwkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00967{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":795,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90005045,"flow_src_last_pkt_time":90005045,"flow_dst_last_pkt_time":90005045,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90005045,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01010{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":795,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90005045,"flow_src_last_pkt_time":90005045,"flow_dst_last_pkt_time":90005045,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90005045,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00726{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":796,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90005361,"flow_src_last_pkt_time":90005361,"flow_dst_last_pkt_time":90005361,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90005361,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00588{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":796,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_packet_id":1,"flow_src_last_pkt_time":90005361,"flow_dst_last_pkt_time":90005361,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90005361,"pkt":"UlQAEjUCCAAn5uVZCABFAABt+\/sAAIARkCYKAAIPWHhJ13AJX\/IAWfWM7VYxAm\/Ch\/PFy9OUV6XMR0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":796,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90005361,"flow_src_last_pkt_time":90005361,"flow_dst_last_pkt_time":90005361,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90005361,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":796,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90005361,"flow_src_last_pkt_time":90005361,"flow_dst_last_pkt_time":90005361,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90005361,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01461{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":797,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_packet_id":2,"flow_src_last_pkt_time":90005361,"flow_dst_last_pkt_time":90038567,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":90038567,"pkt":"CAAn5uVZUlQAEjUCCABFAALzAz0AAEARxl9YeEnXCgACD1\/ycAkC3xJi7VYxAm\/Ch\/PFy9OUV6XMR0QAAMACAAAGR1RLRwAADJe19wd9tDyoR\/wXh6nJoKWkNEIEWHhJ11\/yAQAAAATxtX5bFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqkdUS0cAABK1XVsEZ16ugW6JpsS4xfhpSq81BEjJ0DmW2Q=="} 00726{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":798,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90039406,"flow_src_last_pkt_time":90039406,"flow_dst_last_pkt_time":90039406,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90039406,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":798,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_packet_id":1,"flow_src_last_pkt_time":90039406,"flow_dst_last_pkt_time":90039406,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90039406,"pkt":"UlQAEjUCCAAn5uVZCABFAABt7XgAAIAREsUKAAIPUD3d9nAJd3EAWbzbp0UxAokhPuR+ZJu6wwLrOkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":798,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90039406,"flow_src_last_pkt_time":90039406,"flow_dst_last_pkt_time":90039406,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90039406,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":798,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90039406,"flow_src_last_pkt_time":90039406,"flow_dst_last_pkt_time":90039406,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90039406,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00727{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":799,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90039633,"flow_src_last_pkt_time":90039633,"flow_dst_last_pkt_time":90039633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90039633,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":50297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":799,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":256,"flow_packet_id":1,"flow_src_last_pkt_time":90039633,"flow_dst_last_pkt_time":90039633,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90039633,"pkt":"UlQAEjUCCAAn5uVZCABFAABtEcIAAIARHzsKAAIPYPacfnAJxHkAWRCy7dwxAiOKI2B1HBL1\/IoOJUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00967{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":799,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90039633,"flow_src_last_pkt_time":90039633,"flow_dst_last_pkt_time":90039633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90039633,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":50297,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01010{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":799,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90039633,"flow_src_last_pkt_time":90039633,"flow_dst_last_pkt_time":90039633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90039633,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":50297,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00727{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":800,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":90039956,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90039956,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":800,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_packet_id":1,"flow_src_last_pkt_time":90039956,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90039956,"pkt":"UlQAEjUCCAAn5uVZCABFAABtsx4AAIARLMMKAAIPUrX72nAJjhAAWVPSkYYxArzIs2GmVy70sFjiYEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00967{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":800,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":90039956,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90039956,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01010{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":800,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":90039956,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90039956,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01458{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":801,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_packet_id":2,"flow_src_last_pkt_time":90039406,"flow_dst_last_pkt_time":90071609,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":90071609,"pkt":"CAAn5uVZUlQAEjUCCABFAALzAz4AAEAROnpQPd32CgACD3dxcAkC3wb\/p0UxAokhPuR+ZJu6wwLrOkQAAMACAAAGR1RLRwAADWk0EbJTji7xq2N2EERly+h8FzIEUD3d9ndxAQAAAATOg6hoFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqg=="} 00725{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":802,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90072633,"flow_src_last_pkt_time":90072633,"flow_dst_last_pkt_time":90072633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90072633,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.26.216.95","src_port":28681,"dst_port":13889,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":802,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":258,"flow_packet_id":1,"flow_src_last_pkt_time":90072633,"flow_dst_last_pkt_time":90072633,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90072633,"pkt":"UlQAEjUCCAAn5uVZCABFAABthFwAAIARuZsKAAIPGBrYX3AJNkEAWZh4MEMxAu0STIEN6nLhhZZqvEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00965{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":802,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90072633,"flow_src_last_pkt_time":90072633,"flow_dst_last_pkt_time":90072633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90072633,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.26.216.95","src_port":28681,"dst_port":13889,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01008{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":802,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90072633,"flow_src_last_pkt_time":90072633,"flow_dst_last_pkt_time":90072633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90072633,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.26.216.95","src_port":28681,"dst_port":13889,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00728{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":803,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90072798,"flow_src_last_pkt_time":90072798,"flow_dst_last_pkt_time":90072798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90072798,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":803,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_packet_id":1,"flow_src_last_pkt_time":90072798,"flow_dst_last_pkt_time":90072798,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90072798,"pkt":"UlQAEjUCCAAn5uVZCABFAABt0UkAAIARidsKAAIPZ+hrZHAJqfQAWVSlBkIxAi75axRUS7XsWs\/C60QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":803,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90072798,"flow_src_last_pkt_time":90072798,"flow_dst_last_pkt_time":90072798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90072798,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":803,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90072798,"flow_src_last_pkt_time":90072798,"flow_dst_last_pkt_time":90072798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90072798,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00726{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":804,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90073006,"flow_src_last_pkt_time":90073006,"flow_dst_last_pkt_time":90073006,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90073006,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":804,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_packet_id":1,"flow_src_last_pkt_time":90073006,"flow_dst_last_pkt_time":90073006,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90073006,"pkt":"UlQAEjUCCAAn5uVZCABFAABtDzkAAIARfk0KAAIPLoBya3AJGbIAWQrBwagxArEYlVcnjAyV6XOvHEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":804,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90073006,"flow_src_last_pkt_time":90073006,"flow_dst_last_pkt_time":90073006,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90073006,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":804,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90073006,"flow_src_last_pkt_time":90073006,"flow_dst_last_pkt_time":90073006,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90073006,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01458{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":809,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_packet_id":2,"flow_src_last_pkt_time":90005045,"flow_dst_last_pkt_time":90132904,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":90132904,"pkt":"CAAn5uVZUlQAEjUCCABFAALzA0EAAEARqALBJf+CCgACD\/CwcAkC35hMrf0xAupVi8ylWZxhuwdOwkQAAMACAAAGR1RLRwAAC5wNVaWmIUX476YAPO2IwX6VsyAEwSX\/gvCwAQAAAASWmcaYFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqg=="} 01457{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":810,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_packet_id":2,"flow_src_last_pkt_time":90073006,"flow_dst_last_pkt_time":90137530,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":90137530,"pkt":"CAAn5uVZUlQAEjUCCABFAALzA0IAAEARx74ugHJrCgACDxmycAkC32FSwagxArEYlVcnjAyV6XOvHEQAAMACAAAGR1RLRwAAGIXhRHN5ftV2L3caNPMmmEQDSzUELoByaxmyAQAAAARlWXO2FEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqg=="} 00726{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":811,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90138188,"flow_src_last_pkt_time":90138188,"flow_dst_last_pkt_time":90138188,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90138188,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":811,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_packet_id":1,"flow_src_last_pkt_time":90138188,"flow_dst_last_pkt_time":90138188,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90138188,"pkt":"UlQAEjUCCAAn5uVZCABFAABtxUwAAIAR+3EKAAIPPPEwwnAJUzUAWWdCqc0xAhWpgpzJQk2EqzRt70QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":811,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90138188,"flow_src_last_pkt_time":90138188,"flow_dst_last_pkt_time":90138188,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90138188,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":811,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90138188,"flow_src_last_pkt_time":90138188,"flow_dst_last_pkt_time":90138188,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90138188,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00724{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":812,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90138420,"flow_src_last_pkt_time":90138420,"flow_dst_last_pkt_time":90138420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90138420,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":812,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_packet_id":1,"flow_src_last_pkt_time":90138420,"flow_dst_last_pkt_time":90138420,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90138420,"pkt":"UlQAEjUCCAAn5uVZCABFAABtRC0AAIARXOYKAAIPWUs0E3AJs7oAWZEdEsYxApinpNiOVYwKMx8qLUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00964{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":812,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90138420,"flow_src_last_pkt_time":90138420,"flow_dst_last_pkt_time":90138420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90138420,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01007{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":812,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90138420,"flow_src_last_pkt_time":90138420,"flow_dst_last_pkt_time":90138420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90138420,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00725{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":813,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90138798,"flow_src_last_pkt_time":90138798,"flow_dst_last_pkt_time":90138798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90138798,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.217.176.52","src_port":28681,"dst_port":7446,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":813,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":263,"flow_packet_id":1,"flow_src_last_pkt_time":90138798,"flow_dst_last_pkt_time":90138798,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90138798,"pkt":"UlQAEjUCCAAn5uVZCABFAABtTM8AAIAR3pQKAAIPUtmwNHAJHRYAWfrhGukxApDm6ECPcKUTk+0ioUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00965{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":813,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90138798,"flow_src_last_pkt_time":90138798,"flow_dst_last_pkt_time":90138798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90138798,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.217.176.52","src_port":28681,"dst_port":7446,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01008{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":813,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90138798,"flow_src_last_pkt_time":90138798,"flow_dst_last_pkt_time":90138798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90138798,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.217.176.52","src_port":28681,"dst_port":7446,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01457{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":814,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_packet_id":2,"flow_src_last_pkt_time":90138420,"flow_dst_last_pkt_time":90182821,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":90182821,"pkt":"CAAn5uVZUlQAEjUCCABFAALzA0MAAEAR20pZSzQTCgACD7O6cAkC35hjEsYxApinpNiOVYwKMx8qLUQAAMACAAAGR1RLRwAAGcOxs9Yotu5YI3ngDJa2NEz7hxIEWUs0E7O6AQAAAAQphpmTFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjVdTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNVdTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqkdUS0cAABZMZh8YJqCRZ8rsFWpJujOrF1VMBFHNWy2cyQ=="} 00725{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":816,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90183929,"flow_src_last_pkt_time":90183929,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90183929,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":11603,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":816,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_packet_id":1,"flow_src_last_pkt_time":90183929,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90183929,"pkt":"UlQAEjUCCAAn5uVZCABFAABtGYoAAIAR6JkKAAIPXwrNQ3AJLVMAWdsMrwExAn9FQ02TKgtsdnbe2UQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00965{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":816,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90183929,"flow_src_last_pkt_time":90183929,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90183929,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":11603,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01008{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":816,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90183929,"flow_src_last_pkt_time":90183929,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90183929,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":11603,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00727{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":817,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90184128,"flow_src_last_pkt_time":90184128,"flow_dst_last_pkt_time":90184128,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90184128,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":817,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_packet_id":1,"flow_src_last_pkt_time":90184128,"flow_dst_last_pkt_time":90184128,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90184128,"pkt":"UlQAEjUCCAAn5uVZCABFAABtTH0AAIARTyMKAAIPy9zG9HAJBKoAWeojZPExAoo7ciOaCRHkTxe8NEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00967{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":817,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90184128,"flow_src_last_pkt_time":90184128,"flow_dst_last_pkt_time":90184128,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90184128,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01010{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":817,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90184128,"flow_src_last_pkt_time":90184128,"flow_dst_last_pkt_time":90184128,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90184128,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01459{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":818,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_packet_id":2,"flow_src_last_pkt_time":89829259,"flow_dst_last_pkt_time":90267957,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":90267957,"pkt":"CAAn5uVZUlQAEjUCCABFAALzA0QAAEARAUO1VLIQCgACD+tmcAkC3zlLdMAxAjueygYrMQV+6lVI4UQAAMACAAAGR1RLRwAAKnLYr\/aGTLaMbt4HEbnkS5LKRh0EtVSyEOtmAQAAAAQDkoiwFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjVdTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqkdUS0cAAGqU5DC0wpx7Tt\/+AtuQJkODlGIrBC\/cuoxr+UdUS0cAAGSQPhJYYczqO9fA1uqwCWebPjcpBMEgftbozEdUS0cAAGfwY9tAxh1AXF0ZU2EOIfqDQ08tBHbwRccYzA=="} 01459{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":819,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_packet_id":2,"flow_src_last_pkt_time":90072798,"flow_dst_last_pkt_time":90386058,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":90386058,"pkt":"CAAn5uVZUlQAEjUCCABFAALzA0UAAEARlVpn6GtkCgACD6n0cAkC312iBkIxAi75axRUS7XsWs\/C60QAAMACAAAGR1RLRwAABkx5M4bYu4J4fOkW\/7Sl8nWo53gEZ+hrZKn0AQAAAASAlqYNFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqg=="} 01457{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":820,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_packet_id":2,"flow_src_last_pkt_time":90138188,"flow_dst_last_pkt_time":90452008,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":90452008,"pkt":"CAAn5uVZUlQAEjUCCABFAALzA0YAAEAR+vI88TDCCgACD1M1cAkC31EXqc0xAhWpgpzJQk2EqzRt70QAAMACAAAGR1RLRwAAGN\/m\/5SuT3RX9Y8zGKdBIhyITj8EPPEwwlM1AQAAAASjKCcfFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqg=="} @@ -925,52 +929,52 @@ 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":859,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_packet_id":1,"flow_src_last_pkt_time":90747782,"flow_dst_last_pkt_time":90747782,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":90747782,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0eN9AAIAGqLsKAAIPM0SZ1sSTZo3Cj79BAAAAAIAC+vDuAwAAAgQFtAEDAwgBAQQC"} 00499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":860,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_packet_id":2,"flow_src_last_pkt_time":90742816,"flow_dst_last_pkt_time":90760006,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90760006,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA0kAAEAGeoC8PTS3CgACDy5MxHwAp\/gBiFqWg2AS\/\/+QwwAAAgQFtA=="} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":861,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_packet_id":3,"flow_src_last_pkt_time":90760234,"flow_dst_last_pkt_time":90760006,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90760234,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoc0ZAAIAGioYKAAIPvD00t8R8LkyIWpaDAKf4AlAQ+vCtjwAA"} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":862,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90742816,"flow_src_last_pkt_time":90763740,"flow_dst_last_pkt_time":90760006,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90763740,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50300,"dst_port":11852,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":862,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90742816,"flow_src_last_pkt_time":90763740,"flow_dst_last_pkt_time":90760006,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90763740,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50300,"dst_port":11852,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":864,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_packet_id":2,"flow_src_last_pkt_time":90746613,"flow_dst_last_pkt_time":90767342,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90767342,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA0sAAEAGN+GOhKUNCgACD3dmxIwAqPIB4YpKRGAS\/\/\/+CQAAAgQFtA=="} 00499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":865,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_packet_id":2,"flow_src_last_pkt_time":90741172,"flow_dst_last_pkt_time":90767744,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90767744,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA0wAAEAGSwNNOtM0CgACDw7exHgAqewBNESdzWAS\/\/\/ZhQAAAgQFtA=="} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":866,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_packet_id":3,"flow_src_last_pkt_time":90767809,"flow_dst_last_pkt_time":90767342,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90767809,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoxkxAAIAG9OIKAAIPjoSlDcSMd2bhikpEAKjyAlAQ+vAa1gAA"} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":867,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_packet_id":3,"flow_src_last_pkt_time":90768107,"flow_dst_last_pkt_time":90767744,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90768107,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoHOhAAIAGsWoKAAIPTTrTNMR4Dt40RJ3NAKnsAlAQ+vD2UQAA"} -00969{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":868,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746613,"flow_src_last_pkt_time":90768191,"flow_dst_last_pkt_time":90767342,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90768191,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":50316,"dst_port":30566,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01012{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":868,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746613,"flow_src_last_pkt_time":90768191,"flow_dst_last_pkt_time":90767342,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90768191,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":50316,"dst_port":30566,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":870,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_packet_id":2,"flow_src_last_pkt_time":90747315,"flow_dst_last_pkt_time":90768698,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90768698,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA04AAEAG9E3Co7R+CgACDypJxJAAquYBYmFhZWAS\/\/97mQAAAgQFtA=="} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":871,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90741172,"flow_src_last_pkt_time":90771803,"flow_dst_last_pkt_time":90767744,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90771803,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.58.211.52","src_port":50296,"dst_port":3806,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":871,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90741172,"flow_src_last_pkt_time":90771803,"flow_dst_last_pkt_time":90767744,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90771803,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.58.211.52","src_port":50296,"dst_port":3806,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":873,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_packet_id":3,"flow_src_last_pkt_time":90772156,"flow_dst_last_pkt_time":90768698,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90772156,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoSs1AAIAGLNIKAAIPwqO0fsSQKkliYWFlAKrmAlAQ+vCYZQAA"} 00499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":874,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_packet_id":2,"flow_src_last_pkt_time":90747070,"flow_dst_last_pkt_time":90772201,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90772201,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA1AAAEAGZwW5u0qtCgACD9DxxI8Aq+ABnMSfU2AS\/\/\/VWAAAAgQFtA=="} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":875,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_packet_id":2,"flow_src_last_pkt_time":90746756,"flow_dst_last_pkt_time":90772397,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90772397,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA1EAAEAG4wi8pcu+CgACD1XrxI0ArNoBciGOTGAS\/\/8ODwAAAgQFtA=="} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":876,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_packet_id":3,"flow_src_last_pkt_time":90772438,"flow_dst_last_pkt_time":90772201,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90772438,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoOIRAAIAGsdQKAAIPubtKrcSP0PGcxJ9TAKvgAlAQ+vDyJAAA"} -00970{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":877,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90747315,"flow_src_last_pkt_time":90772488,"flow_dst_last_pkt_time":90768698,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90772488,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":50320,"dst_port":10825,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01013{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":877,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90747315,"flow_src_last_pkt_time":90772488,"flow_dst_last_pkt_time":90768698,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90772488,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":50320,"dst_port":10825,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":879,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_packet_id":3,"flow_src_last_pkt_time":90772602,"flow_dst_last_pkt_time":90772397,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90772602,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoxP5AAIAGoV4KAAIPvKXLvsSNVetyIY5MAKzaAlAQ+vAq2wAA"} -00969{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":880,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90747070,"flow_src_last_pkt_time":90772735,"flow_dst_last_pkt_time":90772201,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90772735,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":50319,"dst_port":53489,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00970{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":882,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746756,"flow_src_last_pkt_time":90772949,"flow_dst_last_pkt_time":90772397,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90772949,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":50317,"dst_port":21995,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01012{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":880,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90747070,"flow_src_last_pkt_time":90772735,"flow_dst_last_pkt_time":90772201,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90772735,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":50319,"dst_port":53489,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01013{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":882,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746756,"flow_src_last_pkt_time":90772949,"flow_dst_last_pkt_time":90772397,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90772949,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":50317,"dst_port":21995,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":884,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_packet_id":2,"flow_src_last_pkt_time":90744013,"flow_dst_last_pkt_time":90776532,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90776532,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA1UAAEAGyRlYeEnXCgACD1\/yxH8ArdQBY7MtEWAS\/\/9f0wAAAgQFtA=="} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":885,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_packet_id":2,"flow_src_last_pkt_time":90746915,"flow_dst_last_pkt_time":90776723,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90776723,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA1YAAEAGK3HBIH7WCgACD+jMxI4Ars4ByU6XnmAS\/\/9vGAAAAgQFtA=="} 00491{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":886,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_packet_id":3,"flow_src_last_pkt_time":90776781,"flow_dst_last_pkt_time":90776532,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90776781,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo+\/1AAIAGUHQKAAIPWHhJ18R\/X\/Jjsy0RAK3UAlAQ+vB8nwAA"} 00499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":887,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_packet_id":2,"flow_src_last_pkt_time":90745963,"flow_dst_last_pkt_time":90776891,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90776891,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA1cAAEAGVX5o7qz6CgACD1v8xIgAr8gBAIGaT2AS\/\/\/yGAAAAgQFtA=="} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":888,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_packet_id":3,"flow_src_last_pkt_time":90776939,"flow_dst_last_pkt_time":90776723,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90776939,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoYpBAAIAGTDoKAAIPwSB+1sSO6MzJTpeeAK7OAlAQ+vCL5AAA"} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":889,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90744013,"flow_src_last_pkt_time":90776965,"flow_dst_last_pkt_time":90776532,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90776965,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":50303,"dst_port":24562,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":889,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90744013,"flow_src_last_pkt_time":90776965,"flow_dst_last_pkt_time":90776532,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90776965,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":50303,"dst_port":24562,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00490{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":891,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_packet_id":3,"flow_src_last_pkt_time":90777173,"flow_dst_last_pkt_time":90776891,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90777173,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoBk9AAIAG0okKAAIPaO6s+sSIW\/wAgZpPAK\/IAlAQ+vAO5QAA"} -00969{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":892,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746915,"flow_src_last_pkt_time":90777390,"flow_dst_last_pkt_time":90776723,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90777390,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.32.126.214","src_port":50318,"dst_port":59596,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00970{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":894,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90745963,"flow_src_last_pkt_time":90777612,"flow_dst_last_pkt_time":90776891,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90777612,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":50312,"dst_port":23548,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01012{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":892,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746915,"flow_src_last_pkt_time":90777390,"flow_dst_last_pkt_time":90776723,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90777390,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.32.126.214","src_port":50318,"dst_port":59596,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01013{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":894,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90745963,"flow_src_last_pkt_time":90777612,"flow_dst_last_pkt_time":90776891,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90777612,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":50312,"dst_port":23548,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":901,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_packet_id":2,"flow_src_last_pkt_time":90744462,"flow_dst_last_pkt_time":90784857,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90784857,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA14AAEAG805VqCJpCgACD5vkxIAAsMIB8fB5WWAS\/\/+FlQAAAgQFtA=="} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":902,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_packet_id":2,"flow_src_last_pkt_time":90743161,"flow_dst_last_pkt_time":90784998,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90784998,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA18AAEAG3PlXezbqCgACD9NyxH0AsbwBqI15YWAS\/\/+HEAAAAgQFtA=="} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":903,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_packet_id":3,"flow_src_last_pkt_time":90785086,"flow_dst_last_pkt_time":90784857,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90785086,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo3DZAAIAGmnkKAAIPVagiacSAm+Tx8HlZALDCAlAQ+vCiYQAA"} 00499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":904,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_packet_id":2,"flow_src_last_pkt_time":90747782,"flow_dst_last_pkt_time":90785152,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90785152,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA2AAAEAGnkMzRJnWCgACD2aNxJMAsrYBwo+\/QmAS\/\/9bRgAAAgQFtA=="} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":905,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_packet_id":3,"flow_src_last_pkt_time":90785220,"flow_dst_last_pkt_time":90784998,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90785220,"pkt":"UlQAEjUCCAAn5uVZCABFAAAooEJAAIAGwBkKAAIPV3s26sR903KojXlhALG8AlAQ+vCj3AAA"} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":906,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90744462,"flow_src_last_pkt_time":90785248,"flow_dst_last_pkt_time":90784857,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90785248,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.168.34.105","src_port":50304,"dst_port":39908,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":906,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90744462,"flow_src_last_pkt_time":90785248,"flow_dst_last_pkt_time":90784857,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90785248,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.168.34.105","src_port":50304,"dst_port":39908,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":908,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_packet_id":3,"flow_src_last_pkt_time":90785342,"flow_dst_last_pkt_time":90785152,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90785342,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoeOBAAIAGqMYKAAIPM0SZ1sSTZo3Cj79CALK2AlAQ+vB4EgAA"} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":909,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90747782,"flow_src_last_pkt_time":90785552,"flow_dst_last_pkt_time":90785152,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90785552,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":50323,"dst_port":26253,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":911,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90743161,"flow_src_last_pkt_time":90785663,"flow_dst_last_pkt_time":90784998,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90785663,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":50301,"dst_port":54130,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":909,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90747782,"flow_src_last_pkt_time":90785552,"flow_dst_last_pkt_time":90785152,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90785552,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":50323,"dst_port":26253,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":911,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90743161,"flow_src_last_pkt_time":90785663,"flow_dst_last_pkt_time":90784998,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90785663,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":50301,"dst_port":54130,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00500{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":918,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_packet_id":2,"flow_src_last_pkt_time":90746322,"flow_dst_last_pkt_time":90787996,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90787996,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA2cAAEAGHo9QB\/zACgACDxroxIoAs7ABAD7ueWAS\/\/\/AYAAAAgQFtA=="} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":919,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_packet_id":3,"flow_src_last_pkt_time":90787996,"flow_dst_last_pkt_time":90787996,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90787996,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoIw9AAIAGfuoKAAIPUAf8wMSKGugAPu55ALOwAlAQ+vDdLAAA"} -01332{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":920,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746322,"flow_src_last_pkt_time":90787996,"flow_dst_last_pkt_time":90787996,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":264,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":264,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90787996,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50314,"dst_port":6888,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}},"15": {"risk":"TLS (probably) Not Carrying HTTPS","severity":"Low","risk_score": {"total":760,"client":680,"server":80}},"24": {"risk":"Missing SNI TLS Extn","severity":"Medium","risk_score": {"total":500,"client":350,"server":150}}},"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"","tls": {"version":"TLSv1.2","ja3":"6992dc627532d4fbccd43fb03d3bdeb4","ja3s":"","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL"}}} +01374{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":920,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746322,"flow_src_last_pkt_time":90787996,"flow_dst_last_pkt_time":90787996,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":264,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":264,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90787996,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50314,"dst_port":6888,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"15": {"risk":"TLS (probably) Not Carrying HTTPS","severity":"Low","risk_score": {"total":460,"client":410,"server":50}},"24": {"risk":"Missing SNI TLS Extn","severity":"Medium","risk_score": {"total":300,"client":210,"server":90}}},"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"","tls": {"version":"TLSv1.2","ja3":"6992dc627532d4fbccd43fb03d3bdeb4","ja3s":"","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL"}}} 00498{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":930,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_packet_id":2,"flow_src_last_pkt_time":90741945,"flow_dst_last_pkt_time":90795846,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90795846,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA24AAEAGymQugHJrCgACDxmyxHoAtKoBziHWF2AS\/\/++AAAAAgQFtA=="} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":932,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_packet_id":3,"flow_src_last_pkt_time":90796080,"flow_dst_last_pkt_time":90795846,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90796080,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoDztAAIAGPpsKAAIPLoBya8R6GbLOIdYXALSqAlAQ+vDazAAA"} 00499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":938,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_packet_id":2,"flow_src_last_pkt_time":90747580,"flow_dst_last_pkt_time":90799214,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90799214,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA3IAAEAGvK6khAoZCgACD9gGxJIAtaQBToGf\/mAS\/\/+tmgAAAgQFtA=="} 00489{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":939,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_packet_id":3,"flow_src_last_pkt_time":90799383,"flow_dst_last_pkt_time":90799214,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90799383,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoptFAAIAGmVIKAAIPpIQKGcSS2AZOgZ\/+ALWkAlAQ+vDKZgAA"} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":942,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90741945,"flow_src_last_pkt_time":90799783,"flow_dst_last_pkt_time":90795846,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90799783,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":50298,"dst_port":6578,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":944,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90747580,"flow_src_last_pkt_time":90800133,"flow_dst_last_pkt_time":90799214,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90800133,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":50322,"dst_port":55302,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":942,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90741945,"flow_src_last_pkt_time":90799783,"flow_dst_last_pkt_time":90795846,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90799783,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":50298,"dst_port":6578,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":944,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90747580,"flow_src_last_pkt_time":90800133,"flow_dst_last_pkt_time":90799214,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90800133,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":50322,"dst_port":55302,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":946,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_packet_id":2,"flow_src_last_pkt_time":90745008,"flow_dst_last_pkt_time":90800891,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90800891,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA3YAAEAGCtCwY7AUCgACDxjKxIMAtp4BeVRy4GAS\/\/\/DVQAAAgQFtA=="} 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":947,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_packet_id":3,"flow_src_last_pkt_time":90801069,"flow_dst_last_pkt_time":90800891,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90801069,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoGLRAAIAGdZUKAAIPsGOwFMSDGMp5VHLgALaeAlAQ+vDgIQAA"} -00967{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":948,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90745008,"flow_src_last_pkt_time":90801264,"flow_dst_last_pkt_time":90800891,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90801264,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":50307,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01010{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":948,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90745008,"flow_src_last_pkt_time":90801264,"flow_dst_last_pkt_time":90800891,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90801264,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":50307,"dst_port":6346,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00728{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":300,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90809634,"flow_src_last_pkt_time":90809634,"flow_dst_last_pkt_time":90809634,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90809634,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":300,"flow_packet_id":1,"flow_src_last_pkt_time":90809634,"flow_dst_last_pkt_time":90809634,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":90809634,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4BlIAAIAREmwKAAIPaO6s+nAJW\/wAJA6KHB0xAtgN+vD\/0M\/t\/ONIAwABAAUAAADDglFLQA=="} 00613{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":986,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":300,"flow_packet_id":2,"flow_src_last_pkt_time":90809634,"flow_dst_last_pkt_time":90840335,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":143,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":143,"pkt_l4_len":109,"thread_ts_usec":90840335,"pkt":"CAAn5uVZUlQAEjUCCABFAACBA44AAEARVOdo7qz6CgACD1v8cAkAbdSrHB0xAtgN+vD\/0M\/t\/ONIAwEBAE4AAAD8W2jurPoAAAAACAAAAMMCVkNFR1RLR2IDR1VFQQICVVBDAgEGAkRVQl9jATZQIAEZ8HQAiAgAAAAAAAEAAQNESFRDAAABglFLRIDlHEU="} @@ -978,8 +982,8 @@ 00488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":997,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":271,"flow_packet_id":3,"flow_src_last_pkt_time":90843712,"flow_dst_last_pkt_time":90843516,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90843712,"pkt":"UlQAEjUCCAAn5uVZCABFAAAopBpAAIAGrC4KAAIPJo536sR3wkQjIZHCALeYAlAQ+vA2AwAA"} 00726{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":999,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":301,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90845230,"flow_src_last_pkt_time":90845230,"flow_dst_last_pkt_time":90845230,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90845230,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":28681,"dst_port":11852,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":999,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":301,"flow_packet_id":1,"flow_src_last_pkt_time":90845230,"flow_dst_last_pkt_time":90845230,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":90845230,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4c0wAAIARymUKAAIPvD00t3AJLkwAJK1JGu4xAkJx0f\/\/24\/JSJ6wAwABAAUAAADDglFLQA=="} -00970{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1005,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":271,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90740683,"flow_src_last_pkt_time":90850187,"flow_dst_last_pkt_time":90843516,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90850187,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":50295,"dst_port":49732,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01750{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":1011,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90746322,"flow_src_last_pkt_time":90787996,"flow_dst_last_pkt_time":90857440,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":264,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":264,"flow_dst_tot_l4_payload_len":1460,"midstream":0,"thread_ts_usec":90857440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50314,"dst_port":6888,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}},"6": {"risk":"Self-signed Cert","severity":"High","risk_score": {"total":500,"client":450,"server":50}},"9": {"risk":"TLS Cert Expired","severity":"High","risk_score": {"total":260,"client":230,"server":30}},"15": {"risk":"TLS (probably) Not Carrying HTTPS","severity":"Low","risk_score": {"total":760,"client":680,"server":80}},"24": {"risk":"Missing SNI TLS Extn","severity":"Medium","risk_score": {"total":500,"client":350,"server":150}}},"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"","tls": {"version":"TLSv1.2","ja3":"6992dc627532d4fbccd43fb03d3bdeb4","ja3s":"1249fb68f48c0444718e4d3b48b27188","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","issuerDN":"CN=gtk-gnutella\/1.2.1","subjectDN":"CN=gtk-gnutella\/1.2.1","fingerprint":"E8:DD:F0:B2:FF:8C:27:5A:12:75:D4:AE:60:1B:D9:87:E8:FF:45:93"}}} +01013{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1005,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":271,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90740683,"flow_src_last_pkt_time":90850187,"flow_dst_last_pkt_time":90843516,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90850187,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":50295,"dst_port":49732,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01792{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":1011,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90746322,"flow_src_last_pkt_time":90787996,"flow_dst_last_pkt_time":90857440,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":264,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":264,"flow_dst_tot_l4_payload_len":1460,"midstream":0,"thread_ts_usec":90857440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50314,"dst_port":6888,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"6": {"risk":"Self-signed Cert","severity":"High","risk_score": {"total":300,"client":270,"server":30}},"9": {"risk":"TLS Cert Expired","severity":"High","risk_score": {"total":160,"client":140,"server":20}},"15": {"risk":"TLS (probably) Not Carrying HTTPS","severity":"Low","risk_score": {"total":460,"client":410,"server":50}},"24": {"risk":"Missing SNI TLS Extn","severity":"Medium","risk_score": {"total":300,"client":210,"server":90}}},"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"","tls": {"version":"TLSv1.2","ja3":"6992dc627532d4fbccd43fb03d3bdeb4","ja3s":"1249fb68f48c0444718e4d3b48b27188","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","issuerDN":"CN=gtk-gnutella\/1.2.1","subjectDN":"CN=gtk-gnutella\/1.2.1","fingerprint":"E8:DD:F0:B2:FF:8C:27:5A:12:75:D4:AE:60:1B:D9:87:E8:FF:45:93"}}} 00597{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1016,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":301,"flow_packet_id":2,"flow_src_last_pkt_time":90845230,"flow_dst_last_pkt_time":90857929,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":130,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":130,"pkt_l4_len":96,"thread_ts_usec":90857929,"pkt":"CAAn5uVZUlQAEjUCCABFAAB0A6AAAEAReda8PTS3CgACDy5McAkAYD84Gu4xAkJx0f\/\/24\/JSJ6wAwEBAEEAAABMLrw9NLcAAAAACAAAAMMCVkNFR1RLR1cDR1VFQQICVVBDAgEHAkRVQ4BRAQNUTFNAA0RIVEMAAAGCUUtE7kD0pA=="} 00728{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1026,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":302,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90864578,"flow_src_last_pkt_time":90864578,"flow_dst_last_pkt_time":90864578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90864578,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":28681,"dst_port":53489,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1026,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":302,"flow_packet_id":1,"flow_src_last_pkt_time":90864578,"flow_dst_last_pkt_time":90864578,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":90864578,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4OIoAAIAR8bMKAAIPubtKrXAJ0PEAJMQW\/3wxAm1gREr\/fw\/7dxmzAwABAAUAAADDglFLQA=="} @@ -987,47 +991,47 @@ 00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1030,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":303,"flow_packet_id":1,"flow_src_last_pkt_time":90871417,"flow_dst_last_pkt_time":90871417,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":90871417,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4xlIAAIARNMIKAAIPjoSlDXAJd2YAJJzV5\/IxAvsVo43\/HfOSkBgzAwABAAUAAADDglFLQA=="} 00500{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1031,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_packet_id":2,"flow_src_last_pkt_time":90745170,"flow_dst_last_pkt_time":90872628,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90872628,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA6gAAEAGqm3BJf+CCgACD\/CwxIQAuJIBv98bx2AS\/\/+nyQAAAgQFtA=="} 00491{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1032,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_packet_id":3,"flow_src_last_pkt_time":90872792,"flow_dst_last_pkt_time":90872628,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90872792,"pkt":"UlQAEjUCCAAn5uVZCABFAAAogopAAIAGq44KAAIPwSX\/gsSE8LC\/3xvHALiSAlAQ+vDElQAA"} -00970{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1033,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90745170,"flow_src_last_pkt_time":90873004,"flow_dst_last_pkt_time":90872628,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90873004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":50308,"dst_port":61616,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01013{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1033,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90745170,"flow_src_last_pkt_time":90873004,"flow_dst_last_pkt_time":90872628,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90873004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":50308,"dst_port":61616,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00728{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1036,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":304,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90880863,"flow_src_last_pkt_time":90880863,"flow_dst_last_pkt_time":90880863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90880863,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.32.126.214","src_port":28681,"dst_port":59596,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1036,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":304,"flow_packet_id":1,"flow_src_last_pkt_time":90880863,"flow_dst_last_pkt_time":90880863,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":90880863,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4YpYAAIARjBkKAAIPwSB+1nAJ6MwAJJ5bn1UxAqnqa\/T\/ZYYW3VylAwABAAUAAADDglFLQA=="} 00500{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1037,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_packet_id":2,"flow_src_last_pkt_time":90746142,"flow_dst_last_pkt_time":90882629,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90882629,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA6sAAEAGxg9gQUTCCgACD4qZxIkAuYwBsqFtYmAS\/\/\/rIgAAAgQFtA=="} 00489{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1038,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_packet_id":3,"flow_src_last_pkt_time":90882849,"flow_dst_last_pkt_time":90882629,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90882849,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoBGJAAIAGRVwKAAIPYEFEwsSJipmyoW1iALmMAlAQ+vAH7wAA"} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1039,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746142,"flow_src_last_pkt_time":90883036,"flow_dst_last_pkt_time":90882629,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90883036,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":50313,"dst_port":35481,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1039,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746142,"flow_src_last_pkt_time":90883036,"flow_dst_last_pkt_time":90882629,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90883036,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":50313,"dst_port":35481,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00500{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1041,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_packet_id":2,"flow_src_last_pkt_time":90746458,"flow_dst_last_pkt_time":90885640,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90885640,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA60AAEAGpYEtH5hwCgACD2jjxIsAuoYB181ecmAS\/\/\/cDQAAAgQFtA=="} 00489{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1042,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_packet_id":3,"flow_src_last_pkt_time":90885826,"flow_dst_last_pkt_time":90885640,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90885826,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoe4VAAIAGrawKAAIPLR+YcMSLaOPXzV5yALqGAlAQ+vD42QAA"} -00969{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1043,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746458,"flow_src_last_pkt_time":90885995,"flow_dst_last_pkt_time":90885640,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90885995,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":50315,"dst_port":26851,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01012{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1043,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90746458,"flow_src_last_pkt_time":90885995,"flow_dst_last_pkt_time":90885640,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90885995,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":50315,"dst_port":26851,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00624{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1046,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":302,"flow_packet_id":2,"flow_src_last_pkt_time":90864578,"flow_dst_last_pkt_time":90892029,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":149,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":149,"pkt_l4_len":115,"thread_ts_usec":90892029,"pkt":"CAAn5uVZUlQAEjUCCABFAACHA68AAEARZkC5u0qtCgACD9DxcAkAc8xj\/3wxAm1gREr\/fw\/7dxmzAwEBAFQAAADx0Lm7Sq0AAAAACAAAAMMCVkNFR1RLR1cDR1VFQQICVVBDAgEJAkRVQ4BRAQE2UCoBbuAAAQAAAAAAAP\/\/C64DVExTQANESFRDAAABglFLRB3BTv4="} 00621{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1047,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":303,"flow_packet_id":2,"flow_src_last_pkt_time":90871417,"flow_dst_last_pkt_time":90892088,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":149,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":149,"pkt_l4_len":115,"thread_ts_usec":90892088,"pkt":"CAAn5uVZUlQAEjUCCABFAACHA7AAAEARNxaOhKUNCgACD3dmcAkAc2nw5\/IxAvsVo43\/HfOSkBgzAwEBAFQAAABmd46EpQ0AAAAACAAAAMMCVkNFR1RLR2IDR1VFQQICVVBDAv8HAkRVQ4BRAQE2UCoBBPgcHBMlAAAAAAAAAAEDVExTQANESFRDAAABglFLRFrK9p0="} 00500{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1048,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_packet_id":2,"flow_src_last_pkt_time":90743600,"flow_dst_last_pkt_time":90896426,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90896426,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA7EAAEAGGR5LQAavCgACDxKHxH4Au4ABJ3TJMGAS\/\/\/xsQAAAgQFtA=="} 00489{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1049,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_packet_id":3,"flow_src_last_pkt_time":90896784,"flow_dst_last_pkt_time":90896426,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90896784,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo3P5AAIAGv9MKAAIPS0AGr8R+EocndMkwALuAAlAQ+vAOfgAA"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1050,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90743600,"flow_src_last_pkt_time":90897166,"flow_dst_last_pkt_time":90896426,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":597,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":597,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90897166,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.64.6.175","src_port":50302,"dst_port":4743,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1050,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90743600,"flow_src_last_pkt_time":90897166,"flow_dst_last_pkt_time":90896426,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":597,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":597,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90897166,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.64.6.175","src_port":50302,"dst_port":4743,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1052,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_packet_id":2,"flow_src_last_pkt_time":90739278,"flow_dst_last_pkt_time":90899496,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":90899496,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA7MAAEAGUiNhU7eUCgACDyK6xHUAvHoBhjAS2WAS\/\/94KQAAAgQFtA=="} 00489{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1053,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_packet_id":3,"flow_src_last_pkt_time":90899766,"flow_dst_last_pkt_time":90899496,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":90899766,"pkt":"UlQAEjUCCAAn5uVZCABFAAAos+9AAIAGIeoKAAIPYVO3lMR1IrqGMBLZALx6AlAQ+vCU9QAA"} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1058,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90739278,"flow_src_last_pkt_time":90905082,"flow_dst_last_pkt_time":90899496,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90905082,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"97.83.183.148","src_port":50293,"dst_port":8890,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1058,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90739278,"flow_src_last_pkt_time":90905082,"flow_dst_last_pkt_time":90899496,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90905082,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"97.83.183.148","src_port":50293,"dst_port":8890,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00596{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1062,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":304,"flow_packet_id":2,"flow_src_last_pkt_time":90880863,"flow_dst_last_pkt_time":90907947,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":130,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":130,"pkt_l4_len":96,"thread_ts_usec":90907947,"pkt":"CAAn5uVZUlQAEjUCCABFAAB0A7gAAEARKrzBIH7WCgACD+jMcAkAYGMhn1UxAqnqa\/T\/ZYYW3VylAwEBAEEAAADM6MEgftYIAAAAAAACAMMCVkNFR1RLR2IDR1VFQQICVVBDAgEFAkRVQ4BRAQNUTFNAA0RIVEMAAAGCUUtEmpBNrg=="} 00499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1088,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_packet_id":2,"flow_src_last_pkt_time":90745788,"flow_dst_last_pkt_time":91051889,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":91051889,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA8YAAEAGMiyVHKOvCgACD8MkxIcAvm4BvtmXiWAS\/\/8GbQAAAgQFtA=="} 00489{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1089,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_packet_id":3,"flow_src_last_pkt_time":91052332,"flow_dst_last_pkt_time":91051889,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91052332,"pkt":"UlQAEjUCCAAn5uVZCABFAAAozKZAAIAG6U4KAAIPlRyjr8SHwyS+2ZeJAL5uAlAQ+vAjOQAA"} 00499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1090,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_packet_id":2,"flow_src_last_pkt_time":90742427,"flow_dst_last_pkt_time":91057463,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":91057463,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA8cAAEAG2CXL3Mb0CgACDwSqxHsAv2gBodiVp2AS\/\/+P0AAAAgQFtA=="} 00489{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_packet_id":3,"flow_src_last_pkt_time":91057889,"flow_dst_last_pkt_time":91057463,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91057889,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoTH9AAIAGD3EKAAIPy9zG9MR7BKqh2JWnAL9oAlAQ+vCsnAAA"} 00500{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1092,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_packet_id":2,"flow_src_last_pkt_time":90744824,"flow_dst_last_pkt_time":91058020,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":91058020,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA8gAAEAG\/LTc7pFSCgACD4L3xIIAwGIBECov1GAS\/\/8zjQAAAgQFtA=="} -00970{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1093,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90745788,"flow_src_last_pkt_time":91058268,"flow_dst_last_pkt_time":91051889,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91058268,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":50311,"dst_port":49956,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01013{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1093,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90745788,"flow_src_last_pkt_time":91058268,"flow_dst_last_pkt_time":91051889,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91058268,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":50311,"dst_port":49956,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00490{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1094,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_packet_id":3,"flow_src_last_pkt_time":91058398,"flow_dst_last_pkt_time":91058020,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91058398,"pkt":"UlQAEjUCCAAn5uVZCABFAAAouGtAAIAGyBQKAAIP3O6RUsSCgvcQKi\/UAMBiAlAQ+vBQWQAA"} -00970{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90744824,"flow_src_last_pkt_time":91058830,"flow_dst_last_pkt_time":91058020,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91058830,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.238.145.82","src_port":50306,"dst_port":33527,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00970{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1098,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90742427,"flow_src_last_pkt_time":91059034,"flow_dst_last_pkt_time":91057463,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91059034,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":50299,"dst_port":1194,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01013{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90744824,"flow_src_last_pkt_time":91058830,"flow_dst_last_pkt_time":91058020,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91058830,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.238.145.82","src_port":50306,"dst_port":33527,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01013{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1098,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90742427,"flow_src_last_pkt_time":91059034,"flow_dst_last_pkt_time":91057463,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91059034,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":50299,"dst_port":1194,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1100,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_packet_id":2,"flow_src_last_pkt_time":90745391,"flow_dst_last_pkt_time":91062021,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":91062021,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA8wAAEAG\/T488TDCCgACD1M1xIUAwVwBVNBhD2AS\/\/\/z9wAAAgQFtA=="} 00489{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1101,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_packet_id":3,"flow_src_last_pkt_time":91062316,"flow_dst_last_pkt_time":91062021,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91062316,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoxU5AAIAGu78KAAIPPPEwwsSFUzVU0GEPAMFcAlAQ+vAQxAAA"} -00969{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1102,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90745391,"flow_src_last_pkt_time":91062572,"flow_dst_last_pkt_time":91062021,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91062572,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":50309,"dst_port":21301,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01012{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1102,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90745391,"flow_src_last_pkt_time":91062572,"flow_dst_last_pkt_time":91062021,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91062572,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":50309,"dst_port":21301,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00501{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1104,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_packet_id":2,"flow_src_last_pkt_time":90740151,"flow_dst_last_pkt_time":91074721,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":91074721,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA84AAEAGXEIOyP\/lCgACD5DCxHYAwlYBrXv\/HGAS\/\/8kxQAAAgQFtA=="} 00491{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1105,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_packet_id":3,"flow_src_last_pkt_time":91074947,"flow_dst_last_pkt_time":91074721,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91074947,"pkt":"UlQAEjUCCAAn5uVZCABFAAAotiFAAIAGKfIKAAIPDsj\/5cR2kMKte\/8cAMJWAlAQ+vBBkQAA"} -00970{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1106,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90740151,"flow_src_last_pkt_time":91075404,"flow_dst_last_pkt_time":91074721,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91075404,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":50294,"dst_port":37058,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01013{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1106,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90740151,"flow_src_last_pkt_time":91075404,"flow_dst_last_pkt_time":91074721,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91075404,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":50294,"dst_port":37058,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00500{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1108,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_packet_id":2,"flow_src_last_pkt_time":90741572,"flow_dst_last_pkt_time":91076000,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":91076000,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsA9AAAEAGXEAOyP\/lCgACD7KOxHkAw1ABv2bicWAS\/\/8TtQAAAgQFtA=="} 00491{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1110,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_packet_id":3,"flow_src_last_pkt_time":91076000,"flow_dst_last_pkt_time":91076000,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":91076000,"pkt":"UlQAEjUCCAAn5uVZCABFAAAotiNAAIAGKfAKAAIPDsj\/5cR5so6\/ZuJxAMNQAlAQ+vAwgQAA"} -00970{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1111,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90741572,"flow_src_last_pkt_time":91076000,"flow_dst_last_pkt_time":91076000,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91076000,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":50297,"dst_port":45710,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00876{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1126,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":40005419,"flow_src_last_pkt_time":43055141,"flow_dst_last_pkt_time":40005419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91277614,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":55708,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -00872{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1126,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232312,"flow_src_last_pkt_time":40630489,"flow_dst_last_pkt_time":40232312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91277614,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00872{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1126,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232582,"flow_src_last_pkt_time":40630451,"flow_dst_last_pkt_time":40232582,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91277614,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00886{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1126,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232223,"flow_src_last_pkt_time":40630373,"flow_dst_last_pkt_time":40232223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91277614,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00886{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1126,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":24,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232517,"flow_src_last_pkt_time":40630237,"flow_dst_last_pkt_time":40232517,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91277614,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01013{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1111,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":90741572,"flow_src_last_pkt_time":91076000,"flow_dst_last_pkt_time":91076000,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91076000,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":50297,"dst_port":45710,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00919{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1126,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":40005419,"flow_src_last_pkt_time":43055141,"flow_dst_last_pkt_time":40005419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91277614,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":55708,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00915{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1126,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232312,"flow_src_last_pkt_time":40630489,"flow_dst_last_pkt_time":40232312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91277614,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00915{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1126,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232582,"flow_src_last_pkt_time":40630451,"flow_dst_last_pkt_time":40232582,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91277614,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00929{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1126,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232223,"flow_src_last_pkt_time":40630373,"flow_dst_last_pkt_time":40232223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91277614,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00929{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1126,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":24,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232517,"flow_src_last_pkt_time":40630237,"flow_dst_last_pkt_time":40232517,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":91277614,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1185,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":241,"flow_packet_id":2,"flow_src_last_pkt_time":91716946,"flow_dst_last_pkt_time":88706114,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":91716946,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0QYNAAIAGx74KAAIPYteCnMRvMHWjnzXtAAAAAIAC+vC0KwAAAgQFtAEDAwgBAQQC"} 00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1186,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":240,"flow_packet_id":2,"flow_src_last_pkt_time":91717037,"flow_dst_last_pkt_time":88705517,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":91717037,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0QNNAAIAG5KUKAAIPVHZ0xsRurkgo6JHMAAAAAIAC+vBxaAAAAgQFtAEDAwgBAQQC"} 00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1197,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":245,"flow_packet_id":2,"flow_src_last_pkt_time":92750229,"flow_dst_last_pkt_time":89733458,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":92750229,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0nYJAAIAGGXYKAAIPSsPs+cRxSH3g2g3bAAAAAIAC+vA0rwAAAgQFtAEDAwgBAQQC"} @@ -1050,18 +1054,18 @@ 00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1218,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":228,"flow_packet_id":3,"flow_src_last_pkt_time":94638448,"flow_dst_last_pkt_time":85607814,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":94638448,"pkt":"UlQAEjUCCAAn5uVZCABFAAA03z1AAIAGuFYKAAIPRK4Sc8RixfcTIeyiAAAAAIAC+vCG0QAAAgQFtAEDAwgBAQQC"} 00727{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1222,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95216801,"flow_src_last_pkt_time":95216801,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95216801,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.201.208.57","src_port":28681,"dst_port":38617,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1222,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_packet_id":1,"flow_src_last_pkt_time":95216801,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95216801,"pkt":"UlQAEjUCCAAn5uVZCABFAABtOX8AAIAR2+8KAAIPSMnQOXAJltkAWSBpTGIxAqnQz8i8hdkTM6c6p0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00967{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1222,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95216801,"flow_src_last_pkt_time":95216801,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95216801,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.201.208.57","src_port":28681,"dst_port":38617,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01010{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1222,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95216801,"flow_src_last_pkt_time":95216801,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95216801,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.201.208.57","src_port":28681,"dst_port":38617,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00726{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1223,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95264285,"flow_src_last_pkt_time":95264285,"flow_dst_last_pkt_time":95264285,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95264285,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":40137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1223,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":308,"flow_packet_id":1,"flow_src_last_pkt_time":95264285,"flow_dst_last_pkt_time":95264285,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95264285,"pkt":"UlQAEjUCCAAn5uVZCABFAABteh0AAIARB1oKAAIPUc1bLXAJnMkAWTuNUisxAvjRH\/hajsQp0x+4CkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1223,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95264285,"flow_src_last_pkt_time":95264285,"flow_dst_last_pkt_time":95264285,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95264285,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":40137,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1223,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95264285,"flow_src_last_pkt_time":95264285,"flow_dst_last_pkt_time":95264285,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95264285,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":40137,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00728{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1224,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95264476,"flow_src_last_pkt_time":95264476,"flow_dst_last_pkt_time":95264476,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95264476,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.220.186.140","src_port":28681,"dst_port":27641,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00588{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1224,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_packet_id":1,"flow_src_last_pkt_time":95264476,"flow_dst_last_pkt_time":95264476,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95264476,"pkt":"UlQAEjUCCAAn5uVZCABFAABtBMUAAIARP0QKAAIPL9y6jHAJa\/kAWcmWUFgxAsm+7Dhb\/+NPw\/hwmEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1224,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95264476,"flow_src_last_pkt_time":95264476,"flow_dst_last_pkt_time":95264476,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95264476,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.220.186.140","src_port":28681,"dst_port":27641,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1224,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95264476,"flow_src_last_pkt_time":95264476,"flow_dst_last_pkt_time":95264476,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95264476,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.220.186.140","src_port":28681,"dst_port":27641,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01461{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1225,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_packet_id":2,"flow_src_last_pkt_time":95264476,"flow_dst_last_pkt_time":95411780,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":95411780,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBAUAAEARfX4v3LqMCgACD2v5cAkC33tEUFgxAsm+7Dhb\/+NPw\/hwmEQAAMACAAAGR1RLRwAAapTkMLTCnHtO3\/4C25AmQ4OUYisEL9y6jGv5AQAAAAR8wXsRFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtUw=="} 00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1226,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":304,"flow_packet_id":3,"flow_src_last_pkt_time":95412811,"flow_dst_last_pkt_time":90907947,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95412811,"pkt":"UlQAEjUCCAAn5uVZCABFAABtYpsAAIARi98KAAIPwSB+1nAJ6MwAWeiNeJExAmLu0Xk4X2RsSVj1uUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} 00727{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1228,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95443212,"flow_src_last_pkt_time":95443212,"flow_dst_last_pkt_time":95443212,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95443212,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.240.69.199","src_port":28681,"dst_port":6348,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1228,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_packet_id":1,"flow_src_last_pkt_time":95443212,"flow_dst_last_pkt_time":95443212,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95443212,"pkt":"UlQAEjUCCAAn5uVZCABFAABtP0UAAIARMnUKAAIPdvBFx3AJGMwAWTV1zcQxAjBRcglTz+ngOj6nIkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00967{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1228,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95443212,"flow_src_last_pkt_time":95443212,"flow_dst_last_pkt_time":95443212,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95443212,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.240.69.199","src_port":28681,"dst_port":6348,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01010{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1228,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95443212,"flow_src_last_pkt_time":95443212,"flow_dst_last_pkt_time":95443212,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95443212,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.240.69.199","src_port":28681,"dst_port":6348,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1230,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":231,"flow_packet_id":3,"flow_src_last_pkt_time":95653781,"flow_dst_last_pkt_time":86639757,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":95653781,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0sx9AAIAG7QUKAAIPUrX72sRljhBQLtKuAAAAAIAC+vCkLQAAAgQFtAEDAwgBAQQC"} 00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1231,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":233,"flow_packet_id":3,"flow_src_last_pkt_time":95653938,"flow_dst_last_pkt_time":86641393,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":95653938,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0vENAAIAGZKwKAAIPcfxbycRnEMmMdJG3AAAAAIAC+vCm7gAAAgQFtAEDAwgBAQQC"} 00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1232,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":232,"flow_packet_id":3,"flow_src_last_pkt_time":95653973,"flow_dst_last_pkt_time":86640432,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":95653973,"pkt":"UlQAEjUCCAAn5uVZCABFAAA04CVAAIAGre0KAAIPJOc7u8Rm8xqBNdLHAAAAAIAC+vD77wAAAgQFtAEDAwgBAQQC"} @@ -1071,64 +1075,64 @@ 00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1237,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_packet_id":3,"flow_src_last_pkt_time":95685258,"flow_dst_last_pkt_time":95411780,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95685258,"pkt":"UlQAEjUCCAAn5uVZCABFAABtBMYAAIARP0MKAAIPL9y6jHAJa\/kAWT8LpTgxAh8vpCECmjOT1kHZjEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} 00728{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1239,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95715707,"flow_src_last_pkt_time":95715707,"flow_dst_last_pkt_time":95715707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95715707,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.188.98","src_port":28681,"dst_port":62851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1239,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_packet_id":1,"flow_src_last_pkt_time":95715707,"flow_dst_last_pkt_time":95715707,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95715707,"pkt":"UlQAEjUCCAAn5uVZCABFAABtSkUAAIARukUKAAIPbYS8YnAJ9YMAWQnlOt4xAkt+phdWa3WZX\/1iLEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1239,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95715707,"flow_src_last_pkt_time":95715707,"flow_dst_last_pkt_time":95715707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95715707,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.188.98","src_port":28681,"dst_port":62851,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1239,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95715707,"flow_src_last_pkt_time":95715707,"flow_dst_last_pkt_time":95715707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95715707,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.188.98","src_port":28681,"dst_port":62851,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00727{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1240,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95716226,"flow_src_last_pkt_time":95716226,"flow_dst_last_pkt_time":95716226,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95716226,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1240,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_packet_id":1,"flow_src_last_pkt_time":95716226,"flow_dst_last_pkt_time":95716226,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95716226,"pkt":"UlQAEjUCCAAn5uVZCABFAABtyVMAAIARg0EKAAIPGKfJNXAJuLIAWdvQozIxAmeG11K2Zk+mg8cBskQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00967{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1240,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95716226,"flow_src_last_pkt_time":95716226,"flow_dst_last_pkt_time":95716226,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95716226,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01010{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1240,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95716226,"flow_src_last_pkt_time":95716226,"flow_dst_last_pkt_time":95716226,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95716226,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00726{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1241,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95716693,"flow_src_last_pkt_time":95716693,"flow_dst_last_pkt_time":95716693,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95716693,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1241,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_packet_id":1,"flow_src_last_pkt_time":95716693,"flow_dst_last_pkt_time":95716693,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95716693,"pkt":"UlQAEjUCCAAn5uVZCABFAABtGLgAAIARtUEKAAIPsGOwFHAJGMoAWdWFw\/gxApkT0lWtd136yOWRcEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1241,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95716693,"flow_src_last_pkt_time":95716693,"flow_dst_last_pkt_time":95716693,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95716693,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1241,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95716693,"flow_src_last_pkt_time":95716693,"flow_dst_last_pkt_time":95716693,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95716693,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01456{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1242,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_packet_id":2,"flow_src_last_pkt_time":95715707,"flow_dst_last_pkt_time":95753158,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":95753158,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBAoAAEARPftthLxiCgACD\/WDcAkC3zUCOt4xAkt+phdWa3WZX\/1iLEQAAMACAAAGR1RLRwAA4JsjIdkeuStic2CcxenuP1eRs7wEbYS8YvWDAQAAAATOKYIxFFdTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSA=="} 00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1243,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":300,"flow_packet_id":3,"flow_src_last_pkt_time":95754103,"flow_dst_last_pkt_time":90840335,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95754103,"pkt":"UlQAEjUCCAAn5uVZCABFAABtBlcAAIAREjIKAAIPaO6s+nAJW\/wAWVUmk6UxAqo+0NIYX4FTPMU3uEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} 00727{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1244,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":314,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95754317,"flow_src_last_pkt_time":95754317,"flow_dst_last_pkt_time":95754317,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95754317,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.237.202.91","src_port":28681,"dst_port":16117,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1244,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":314,"flow_packet_id":1,"flow_src_last_pkt_time":95754317,"flow_dst_last_pkt_time":95754317,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95754317,"pkt":"UlQAEjUCCAAn5uVZCABFAABt5WoAAIARNr4KAAIPR+3KW3AJPvUAWTG5sdMxAjDioXa7maFRwy28tUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00967{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1244,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":314,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95754317,"flow_src_last_pkt_time":95754317,"flow_dst_last_pkt_time":95754317,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95754317,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.237.202.91","src_port":28681,"dst_port":16117,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01010{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1244,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":314,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95754317,"flow_src_last_pkt_time":95754317,"flow_dst_last_pkt_time":95754317,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95754317,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.237.202.91","src_port":28681,"dst_port":16117,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00726{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1245,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":315,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95754583,"flow_src_last_pkt_time":95754583,"flow_dst_last_pkt_time":95754583,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95754583,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.217.84.16","src_port":28681,"dst_port":20223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1245,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":315,"flow_packet_id":1,"flow_src_last_pkt_time":95754583,"flow_dst_last_pkt_time":95754583,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95754583,"pkt":"UlQAEjUCCAAn5uVZCABFAABtX54AAIARHeoKAAIPXNlUEHAJTv8AWaUwJBUxAlN7nQQgyNq1K1wDakQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1245,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":315,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95754583,"flow_src_last_pkt_time":95754583,"flow_dst_last_pkt_time":95754583,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95754583,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.217.84.16","src_port":28681,"dst_port":20223,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1245,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":315,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95754583,"flow_src_last_pkt_time":95754583,"flow_dst_last_pkt_time":95754583,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95754583,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.217.84.16","src_port":28681,"dst_port":20223,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01454{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1246,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_packet_id":2,"flow_src_last_pkt_time":95716693,"flow_dst_last_pkt_time":95773465,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":95773465,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBAsAAEARB2mwY7AUCgACDxjKcAkC343Vw\/gxApkT0lWtd136yOWRcEQAAMACAAAGR1RLRwAA8snLCFuSuhsM38lDoCe4Q7IZIaMEsGOwFBjKAQAAAARm60BZFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSA=="} 00725{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1248,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95784128,"flow_src_last_pkt_time":95784128,"flow_dst_last_pkt_time":95784128,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95784128,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1248,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_packet_id":1,"flow_src_last_pkt_time":95784128,"flow_dst_last_pkt_time":95784128,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95784128,"pkt":"UlQAEjUCCAAn5uVZCABFAABtMiYAAIARW8MKAAIPXjZCUnAJ+JUAWU8lLkYxAuq77b+oti7DkMaMrEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00965{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1248,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95784128,"flow_src_last_pkt_time":95784128,"flow_dst_last_pkt_time":95784128,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95784128,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01008{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1248,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95784128,"flow_src_last_pkt_time":95784128,"flow_dst_last_pkt_time":95784128,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95784128,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00726{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1249,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95784399,"flow_src_last_pkt_time":95784399,"flow_dst_last_pkt_time":95784399,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95784399,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1249,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_packet_id":1,"flow_src_last_pkt_time":95784399,"flow_dst_last_pkt_time":95784399,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95784399,"pkt":"UlQAEjUCCAAn5uVZCABFAABtkeMAAIARbpoKAAIPYOzNB3AJh+oAWd3xqy0xAvOz2v7bFV7JjaoOuEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1249,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95784399,"flow_src_last_pkt_time":95784399,"flow_dst_last_pkt_time":95784399,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95784399,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1249,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95784399,"flow_src_last_pkt_time":95784399,"flow_dst_last_pkt_time":95784399,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95784399,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00729{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1250,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95784533,"flow_src_last_pkt_time":95784533,"flow_dst_last_pkt_time":95784533,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95784533,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.183.183.110","src_port":28681,"dst_port":59920,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1250,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_packet_id":1,"flow_src_last_pkt_time":95784533,"flow_dst_last_pkt_time":95784533,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95784533,"pkt":"UlQAEjUCCAAn5uVZCABFAABtcekAAIARV2IKAAIPrbe3bnAJ6hAAWRURh5oxAjZAPvXTOccHXf+KmUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00969{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1250,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95784533,"flow_src_last_pkt_time":95784533,"flow_dst_last_pkt_time":95784533,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95784533,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.183.183.110","src_port":28681,"dst_port":59920,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01012{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1250,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95784533,"flow_src_last_pkt_time":95784533,"flow_dst_last_pkt_time":95784533,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95784533,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.183.183.110","src_port":28681,"dst_port":59920,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01457{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1251,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":315,"flow_packet_id":2,"flow_src_last_pkt_time":95754583,"flow_dst_last_pkt_time":95818452,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":95818452,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBA0AAEARtvVc2VQQCgACD07\/cAkC3\/0wJBUxAlN7nQQgyNq1K1wDakQAAMACAAAGR1RLRwAA9cCVEE\/2P06nFdVsmWWAWjUBRZwEXNlUEE7\/AQAAAATtCo4VFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSA=="} 01454{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1253,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_packet_id":2,"flow_src_last_pkt_time":95784399,"flow_dst_last_pkt_time":95892313,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":95892313,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBA8AAEAROelg7M0HCgACD4fqcAkC3\/BRqy0xAvOz2v7bFV7JjaoOuEQAAMACAAAGR1RLRwAA+Ts9p8WeGiSZuDZKSPQI3121aXEEYOzNB4fqAQAAAASVRD4TFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSEdUS0cAALFbZ+HgSIrho0RaGRNTd1qTgMZFBC0fmHBo4w=="} 00727{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1254,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893239,"flow_src_last_pkt_time":95893239,"flow_dst_last_pkt_time":95893239,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95893239,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1254,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_packet_id":1,"flow_src_last_pkt_time":95893239,"flow_dst_last_pkt_time":95893239,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95893239,"pkt":"UlQAEjUCCAAn5uVZCABFAABtptYAAIAR2P0KAAIPpIQKGXAJ2AYAWVxSIsUxAlnYy6KYCQUz3Ng+pkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00967{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1254,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893239,"flow_src_last_pkt_time":95893239,"flow_dst_last_pkt_time":95893239,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95893239,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01010{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1254,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893239,"flow_src_last_pkt_time":95893239,"flow_dst_last_pkt_time":95893239,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95893239,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00729{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1255,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":320,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893440,"flow_src_last_pkt_time":95893440,"flow_dst_last_pkt_time":95893440,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95893440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.236.200.137","src_port":28681,"dst_port":48142,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1255,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":320,"flow_packet_id":1,"flow_src_last_pkt_time":95893440,"flow_dst_last_pkt_time":95893440,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95893440,"pkt":"UlQAEjUCCAAn5uVZCABFAABtLrQAAIARfUcKAAIPuezIiXAJvA4AWfki1SYxAiU091nTuxkeneMv2EQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00969{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1255,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":320,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893440,"flow_src_last_pkt_time":95893440,"flow_dst_last_pkt_time":95893440,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95893440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.236.200.137","src_port":28681,"dst_port":48142,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01012{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1255,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":320,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893440,"flow_src_last_pkt_time":95893440,"flow_dst_last_pkt_time":95893440,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95893440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.236.200.137","src_port":28681,"dst_port":48142,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00729{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1256,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893685,"flow_src_last_pkt_time":95893685,"flow_dst_last_pkt_time":95893685,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95893685,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1256,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_packet_id":1,"flow_src_last_pkt_time":95893685,"flow_dst_last_pkt_time":95893685,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95893685,"pkt":"UlQAEjUCCAAn5uVZCABFAABtxQIAAIAR4QoKAAIPvKXLvnAJVesAWQc1IDExAvwLw9eirMeJjOQnPkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00969{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1256,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893685,"flow_src_last_pkt_time":95893685,"flow_dst_last_pkt_time":95893685,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95893685,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01012{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1256,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893685,"flow_src_last_pkt_time":95893685,"flow_dst_last_pkt_time":95893685,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95893685,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01454{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1258,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_packet_id":2,"flow_src_last_pkt_time":95893685,"flow_dst_last_pkt_time":95918456,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":95918456,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBBEAAEAR33a8pcu+CgACD1XrcAkC37R2IDExAvwLw9eirMeJjOQnPkQAAMACAAAGR1RLRwAA0WC9XX1Cv4OMIP5Uj2dxFVfelx8EvKXLvlXrAQAAAAT+NOnnFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DldTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSA=="} 00726{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1259,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":322,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923521,"flow_src_last_pkt_time":95923521,"flow_dst_last_pkt_time":95923521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95923521,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.219","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1259,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":322,"flow_packet_id":1,"flow_src_last_pkt_time":95923521,"flow_dst_last_pkt_time":95923521,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95923521,"pkt":"UlQAEjUCCAAn5uVZCABFAABtLi4AAIARXRAKAAIPLVh123AJGv0AWeqxHFUxAta++c2ylLcKBb\/ez0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1259,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":322,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923521,"flow_src_last_pkt_time":95923521,"flow_dst_last_pkt_time":95923521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95923521,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.219","src_port":28681,"dst_port":6909,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1259,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":322,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923521,"flow_src_last_pkt_time":95923521,"flow_dst_last_pkt_time":95923521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95923521,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.219","src_port":28681,"dst_port":6909,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00728{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1260,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":323,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923574,"flow_src_last_pkt_time":95923574,"flow_dst_last_pkt_time":95923574,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95923574,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":56070,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1260,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":323,"flow_packet_id":1,"flow_src_last_pkt_time":95923574,"flow_dst_last_pkt_time":95923574,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95923574,"pkt":"UlQAEjUCCAAn5uVZCABFAABtEcQAAIARHzkKAAIPYPacfnAJ2wYAWfibSFoxAjjwuKgFGYZC9XxYD0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1260,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":323,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923574,"flow_src_last_pkt_time":95923574,"flow_dst_last_pkt_time":95923574,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95923574,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":56070,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1260,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":323,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923574,"flow_src_last_pkt_time":95923574,"flow_dst_last_pkt_time":95923574,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95923574,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":56070,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00728{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1261,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923657,"flow_src_last_pkt_time":95923657,"flow_dst_last_pkt_time":95923657,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95923657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.250.179.237","src_port":28681,"dst_port":20848,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1261,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_packet_id":1,"flow_src_last_pkt_time":95923657,"flow_dst_last_pkt_time":95923657,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95923657,"pkt":"UlQAEjUCCAAn5uVZCABFAABtTeMAAIAR4qYKAAIPSfqz7XAJUXAAWYypWMIxAuib5nRI0KcHRTGrFEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1261,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923657,"flow_src_last_pkt_time":95923657,"flow_dst_last_pkt_time":95923657,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95923657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.250.179.237","src_port":28681,"dst_port":20848,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1261,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923657,"flow_src_last_pkt_time":95923657,"flow_dst_last_pkt_time":95923657,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95923657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.250.179.237","src_port":28681,"dst_port":20848,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01454{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1262,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_packet_id":2,"flow_src_last_pkt_time":95893239,"flow_dst_last_pkt_time":95941178,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":95941178,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBBIAAEARuTykhAoZCgACD9gGcAkC39H3IsUxAlnYy6KYCQUz3Ng+pkQAAMACAAAGR1RLRwAAwkI+xsLIWLYQq6EiNHwU7EsyAwwEpIQKGdgGAQAAAAQMPEZKFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSA=="} 01455{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1263,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_packet_id":2,"flow_src_last_pkt_time":95784533,"flow_dst_last_pkt_time":95956975,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":95956975,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBBMAAEARArOtt7duCgACD+oQcAkC3zGfh5oxAjZAPvXTOccHXf+KmUQAAMACAAAGR1RLRwAA\/YvF6OaM0g0Esl9zeFHFBmeEb50Erbe3buoQAQAAAASYSwA1FEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSEdUS0cAALFbZ+HgSIrho0RaGRNTd1qTgMZFBC0fmHBo4w=="} 01455{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1264,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_packet_id":2,"flow_src_last_pkt_time":95923657,"flow_dst_last_pkt_time":96048683,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":96048683,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBBQAAEARafBJ+rPtCgACD1FwcAkC30eYWMIxAuib5nRI0KcHRTGrFEQAAMACAAAGR1RLRwAA1jyfIL1wKx4dMkSe+\/yFksXUYD4ESfqz7VFwAQAAAASK6DCmFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSA=="} 00727{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1265,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":325,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049643,"flow_src_last_pkt_time":96049643,"flow_dst_last_pkt_time":96049643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":96049643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.160.143.48","src_port":28681,"dst_port":37036,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1265,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":325,"flow_packet_id":1,"flow_src_last_pkt_time":96049643,"flow_dst_last_pkt_time":96049643,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":96049643,"pkt":"UlQAEjUCCAAn5uVZCABFAABtwDYAAIARi2oKAAIPU6CPMHAJkKwAWa9gWsoxAsGbN6aupxEpyf\/jN0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00967{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1265,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":325,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049643,"flow_src_last_pkt_time":96049643,"flow_dst_last_pkt_time":96049643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":96049643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.160.143.48","src_port":28681,"dst_port":37036,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01010{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1265,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":325,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049643,"flow_src_last_pkt_time":96049643,"flow_dst_last_pkt_time":96049643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":96049643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.160.143.48","src_port":28681,"dst_port":37036,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00727{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1266,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049781,"flow_src_last_pkt_time":96049781,"flow_dst_last_pkt_time":96049781,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":96049781,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"100.1.231.138","src_port":28681,"dst_port":56558,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1266,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":326,"flow_packet_id":1,"flow_src_last_pkt_time":96049781,"flow_dst_last_pkt_time":96049781,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":96049781,"pkt":"UlQAEjUCCAAn5uVZCABFAABtFDIAAIARzrMKAAIPZAHninAJ3O4AWZFZFoUxAuK7tbNnNS+8oB5EGUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00967{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1266,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049781,"flow_src_last_pkt_time":96049781,"flow_dst_last_pkt_time":96049781,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":96049781,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"100.1.231.138","src_port":28681,"dst_port":56558,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01010{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1266,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049781,"flow_src_last_pkt_time":96049781,"flow_dst_last_pkt_time":96049781,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":96049781,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"100.1.231.138","src_port":28681,"dst_port":56558,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00726{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1267,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049954,"flow_src_last_pkt_time":96049954,"flow_dst_last_pkt_time":96049954,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":96049954,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.28.53.225","src_port":28681,"dst_port":44859,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1267,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":327,"flow_packet_id":1,"flow_src_last_pkt_time":96049954,"flow_dst_last_pkt_time":96049954,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":96049954,"pkt":"UlQAEjUCCAAn5uVZCABFAABtTdQAAIARVqAKAAIPVBw14XAJrzsAWZ3TvxoxApctlOGi4VjuIFMFmUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00966{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1267,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049954,"flow_src_last_pkt_time":96049954,"flow_dst_last_pkt_time":96049954,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":96049954,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.28.53.225","src_port":28681,"dst_port":44859,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01009{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1267,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049954,"flow_src_last_pkt_time":96049954,"flow_dst_last_pkt_time":96049954,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":96049954,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.28.53.225","src_port":28681,"dst_port":44859,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1273,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":301,"flow_packet_id":3,"flow_src_last_pkt_time":96404307,"flow_dst_last_pkt_time":90857929,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":96404307,"pkt":"UlQAEjUCCAAn5uVZCABFAAA8c1IAAIARylsKAAIPvD00t3AJLkwAKChuYiUKBgACAwMAAAAAAAAAADEBAAkAAABHVEtHCQABAAA="} 00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1277,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":235,"flow_packet_id":3,"flow_src_last_pkt_time":96685056,"flow_dst_last_pkt_time":87670730,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":96685056,"pkt":"UlQAEjUCCAAn5uVZCABFAAA068VAAIAGCcsKAAIPXoaansRp03KjrVDkAAAAAIAC+vDifQAAAgQFtAEDAwgBAQQC"} 00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1278,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":234,"flow_packet_id":3,"flow_src_last_pkt_time":96685203,"flow_dst_last_pkt_time":87670084,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":96685203,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0IMxAAIAG1hsKAAIPY8eUBsRoEPJVbcPeAAAAAIAC+vCBnAAAAgQFtAEDAwgBAQQC"} @@ -1143,43 +1147,43 @@ 00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1296,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_packet_id":3,"flow_src_last_pkt_time":99778426,"flow_dst_last_pkt_time":90738015,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":99778426,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Rs5AAIAGRA0KAAIPyAeb0sRzbs28TEPZAAAAAIAC+vDQzwAAAgQFtAEDAwgBAQQC"} 00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1297,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":286,"flow_packet_id":3,"flow_src_last_pkt_time":99778446,"flow_dst_last_pkt_time":90745561,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":99778446,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0O4NAAIAGzRIKAAIPTG6ZscSGnFbyaQhuAAAAAIAC+vAmPAAAAgQFtAEDAwgBAQQC"} 00505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1298,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":266,"flow_packet_id":3,"flow_src_last_pkt_time":99778471,"flow_dst_last_pkt_time":90737440,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":99778471,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gg9AAIAGKkQKAAIPSVn5CMRyxdmnmnGXAAAAAIAC+vCCMAAAAgQFtAEDAwgBAQQC"} -02261{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":1317,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":19,"flow_first_seen":88704875,"flow_src_last_pkt_time":100541304,"flow_dst_last_pkt_time":100658601,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1036,"flow_dst_tot_l4_payload_len":10762,"midstream":0,"thread_ts_usec":100658601,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":50285,"dst_port":52367,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"min":68,"avg":767424.4,"max":8796467,"stddev":2113226.8,"var":4465727373312.0,"ent":2.6,"data": [111774,112031,223,580,122233,123811,1735,510239,510348,125373,7027,133055,508500,509079,643423,701863,8737919,8796467,643884,78,644721,118605,2969,121592,121581,84,121516,120907,68,120959,117511]},"pktlen": {"min":40,"avg":409.2,"max":1500,"stddev":491.7,"var":241767.6,"ent":4.1,"data": [52,44,40,639,40,652,90,40,353,40,182,423,40,68,40,449,40,86,40,1500,1052,40,640,1488,40,1500,628,40,1500,628,40,640]},"bins": {"c_to_s": [9,2,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [6,0,0,0,1,0,0,0,0,0,0,1,1,0,0,0,0,0,4,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0]},"directions": [0,1,0,0,1,1,0,1,0,1,1,1,0,0,1,1,0,0,1,1,1,0,1,1,0,1,1,0,1,1,0,1],"entropies": [4.585552692,4.823068142,4.680641651,5.822128773,4.621928692,5.725380421,5.587119579,4.671928883,7.096185207,4.621928692,6.667861462,7.368043423,4.680641651,5.340273857,4.621928692,7.401152134,4.780641556,5.582901478,4.621928692,7.849462032,7.784356117,4.730641365,7.643722534,7.861162663,4.730641365,7.864004135,7.644542217,4.680641174,7.856564045,7.631118298,4.680641174,7.673601151]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +02304{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":1317,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":19,"flow_first_seen":88704875,"flow_src_last_pkt_time":100541304,"flow_dst_last_pkt_time":100658601,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1036,"flow_dst_tot_l4_payload_len":10762,"midstream":0,"thread_ts_usec":100658601,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":50285,"dst_port":52367,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"min":68,"avg":767424.4,"max":8796467,"stddev":2113226.8,"var":4465727373312.0,"ent":2.6,"data": [111774,112031,223,580,122233,123811,1735,510239,510348,125373,7027,133055,508500,509079,643423,701863,8737919,8796467,643884,78,644721,118605,2969,121592,121581,84,121516,120907,68,120959,117511]},"pktlen": {"min":40,"avg":409.2,"max":1500,"stddev":491.7,"var":241767.6,"ent":4.1,"data": [52,44,40,639,40,652,90,40,353,40,182,423,40,68,40,449,40,86,40,1500,1052,40,640,1488,40,1500,628,40,1500,628,40,640]},"bins": {"c_to_s": [9,2,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [6,0,0,0,1,0,0,0,0,0,0,1,1,0,0,0,0,0,4,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0]},"directions": [0,1,0,0,1,1,0,1,0,1,1,1,0,0,1,1,0,0,1,1,1,0,1,1,0,1,1,0,1,1,0,1],"entropies": [4.585552692,4.823068142,4.680641651,5.822128773,4.621928692,5.725380421,5.587119579,4.671928883,7.096185207,4.621928692,6.667861462,7.368043423,4.680641651,5.340273857,4.621928692,7.401152134,4.780641556,5.582901478,4.621928692,7.849462032,7.784356117,4.730641365,7.643722534,7.861162663,4.730641365,7.864004135,7.644542217,4.680641174,7.856564045,7.631118298,4.680641174,7.673601151]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01456{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1320,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_packet_id":2,"flow_src_last_pkt_time":95784128,"flow_dst_last_pkt_time":100920359,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":100920359,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBEAAAEARxyNeNkJSCgACD\/iVcAkC34d4LkYxAuq77b+oti7DkMaMrEQAAMACAAAGR1RLRwAA+wNHJRwgXbAuWugSpAUSxJsCHL8EXjZCUviVAQAAAAR+IhyrFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSA=="} -02256{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":1333,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":88704150,"flow_src_last_pkt_time":101062565,"flow_dst_last_pkt_time":101062734,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1062,"flow_dst_tot_l4_payload_len":6684,"midstream":0,"thread_ts_usec":101062734,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":50284,"dst_port":53258,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"min":1,"avg":797322.6,"max":8218469,"stddev":1970792.9,"var":3884024594432.0,"ent":2.9,"data": [128313,128710,372,938,178629,178799,1,501219,501471,98390,140683,469376,511641,1190983,1233531,8175797,8218469,772334,828075,95677,89547,96875,110099,405396,409608,95445,89124,2830,63380,645,642]},"pktlen": {"min":40,"avg":282.6,"max":1064,"stddev":381.8,"var":145784.6,"ent":3.9,"data": [52,44,40,640,40,668,90,40,353,40,574,40,68,40,442,40,86,40,1064,40,1064,40,1064,40,1064,40,1064,40,55,40,50,40]},"bins": {"c_to_s": [12,2,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [8,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,1,0,1,1,0,0,1,1,0,0,1,1,0,1,0,1,0,1,0,1,0,0,1,0,1],"entropies": [4.662476063,4.732159138,4.630641460,5.806861401,4.521928787,5.724582195,5.627513409,4.621928692,7.193869114,4.621928692,7.467946053,4.730641842,5.399097443,4.571928978,7.330091953,4.730641365,5.719189644,4.621928692,7.801183701,4.730641365,7.783223152,4.680641174,7.789729118,4.730641365,7.787688255,4.730641365,7.814134598,4.680641651,4.944017887,4.621928692,4.859469414,4.621928692]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -02218{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":1370,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":90745963,"flow_src_last_pkt_time":101065402,"flow_dst_last_pkt_time":101065057,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":628,"flow_src_tot_l4_payload_len":1115,"flow_dst_tot_l4_payload_len":1487,"midstream":0,"thread_ts_usec":101065402,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":50312,"dst_port":23548,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"min":346,"avg":665759.1,"max":8692014,"stddev":2110974.0,"var":4456211546112.0,"ent":1.9,"data": [30928,31210,439,818,29157,31647,2471,501745,502012,17074,17362,35097,479690,480352,544167,592641,8643736,8692014,619,570,563,598,427,387,461,428,346,360,379,396,439]},"pktlen": {"min":40,"avg":121.8,"max":668,"stddev":170.0,"var":28912.7,"ent":4.1,"data": [52,44,40,641,40,668,90,40,353,40,182,370,40,67,40,427,40,94,40,50,40,50,40,50,40,50,40,50,40,50,40,50]},"bins": {"c_to_s": [12,2,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [12,0,0,0,1,0,0,0,0,0,1,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,1,0,1,1,1,0,0,1,1,0,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0],"entropies": [4.492582321,4.720129013,4.521928787,5.809185505,4.508695602,5.773917675,5.619303703,4.558695793,7.143177032,4.389823914,6.687948704,7.327623844,4.671928406,5.289166927,4.558695793,7.411965370,4.621928692,5.812307358,4.489823818,4.722780704,4.489823818,4.682780743,4.489823818,4.722780704,4.489823818,4.722780704,4.439823627,4.722780704,4.489823818,4.722780704,4.489823818,4.642780781]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +02299{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":1333,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":88704150,"flow_src_last_pkt_time":101062565,"flow_dst_last_pkt_time":101062734,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":1062,"flow_dst_tot_l4_payload_len":6684,"midstream":0,"thread_ts_usec":101062734,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":50284,"dst_port":53258,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"min":1,"avg":797322.6,"max":8218469,"stddev":1970792.9,"var":3884024594432.0,"ent":2.9,"data": [128313,128710,372,938,178629,178799,1,501219,501471,98390,140683,469376,511641,1190983,1233531,8175797,8218469,772334,828075,95677,89547,96875,110099,405396,409608,95445,89124,2830,63380,645,642]},"pktlen": {"min":40,"avg":282.6,"max":1064,"stddev":381.8,"var":145784.6,"ent":3.9,"data": [52,44,40,640,40,668,90,40,353,40,574,40,68,40,442,40,86,40,1064,40,1064,40,1064,40,1064,40,1064,40,55,40,50,40]},"bins": {"c_to_s": [12,2,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [8,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,1,0,1,1,0,0,1,1,0,0,1,1,0,1,0,1,0,1,0,1,0,0,1,0,1],"entropies": [4.662476063,4.732159138,4.630641460,5.806861401,4.521928787,5.724582195,5.627513409,4.621928692,7.193869114,4.621928692,7.467946053,4.730641842,5.399097443,4.571928978,7.330091953,4.730641365,5.719189644,4.621928692,7.801183701,4.730641365,7.783223152,4.680641174,7.789729118,4.730641365,7.787688255,4.730641365,7.814134598,4.680641651,4.944017887,4.621928692,4.859469414,4.621928692]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +02261{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":1370,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":90745963,"flow_src_last_pkt_time":101065402,"flow_dst_last_pkt_time":101065057,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":628,"flow_src_tot_l4_payload_len":1115,"flow_dst_tot_l4_payload_len":1487,"midstream":0,"thread_ts_usec":101065402,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":50312,"dst_port":23548,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"min":346,"avg":665759.1,"max":8692014,"stddev":2110974.0,"var":4456211546112.0,"ent":1.9,"data": [30928,31210,439,818,29157,31647,2471,501745,502012,17074,17362,35097,479690,480352,544167,592641,8643736,8692014,619,570,563,598,427,387,461,428,346,360,379,396,439]},"pktlen": {"min":40,"avg":121.8,"max":668,"stddev":170.0,"var":28912.7,"ent":4.1,"data": [52,44,40,641,40,668,90,40,353,40,182,370,40,67,40,427,40,94,40,50,40,50,40,50,40,50,40,50,40,50,40,50]},"bins": {"c_to_s": [12,2,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [12,0,0,0,1,0,0,0,0,0,1,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,1,0,1,1,1,0,0,1,1,0,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0],"entropies": [4.492582321,4.720129013,4.521928787,5.809185505,4.508695602,5.773917675,5.619303703,4.558695793,7.143177032,4.389823914,6.687948704,7.327623844,4.671928406,5.289166927,4.558695793,7.411965370,4.621928692,5.812307358,4.489823818,4.722780704,4.489823818,4.682780743,4.489823818,4.722780704,4.489823818,4.722780704,4.439823627,4.722780704,4.489823818,4.722780704,4.489823818,4.642780781]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1450,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101122346,"flow_src_last_pkt_time":101122346,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101122346,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.105.27","src_port":28681,"dst_port":19260,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1450,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_packet_id":1,"flow_src_last_pkt_time":101122346,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":101122346,"pkt":"UlQAEjUCCAAn5uVZCABFAABt2AwAAIARIW0KAAIPy9xpG3AJSzwAWVR20YMxAsOjfW6uj7unlpr730QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00972{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1450,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101122346,"flow_src_last_pkt_time":101122346,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101122346,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.105.27","src_port":28681,"dst_port":19260,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01015{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1450,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101122346,"flow_src_last_pkt_time":101122346,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101122346,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.105.27","src_port":28681,"dst_port":19260,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00730{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1451,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101122468,"flow_src_last_pkt_time":101122468,"flow_dst_last_pkt_time":101122468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101122468,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.117.249.98","src_port":28681,"dst_port":6815,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00588{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1451,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":329,"flow_packet_id":1,"flow_src_last_pkt_time":101122468,"flow_dst_last_pkt_time":101122468,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":101122468,"pkt":"UlQAEjUCCAAn5uVZCABFAABt42oAAIAR9S4KAAIPXHX5YnAJGp8AWRo4clsxAgMe5rjiFfxxH3X\/E0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00970{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1451,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101122468,"flow_src_last_pkt_time":101122468,"flow_dst_last_pkt_time":101122468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101122468,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.117.249.98","src_port":28681,"dst_port":6815,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01013{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1451,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101122468,"flow_src_last_pkt_time":101122468,"flow_dst_last_pkt_time":101122468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101122468,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.117.249.98","src_port":28681,"dst_port":6815,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00728{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1452,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101122636,"flow_src_last_pkt_time":101122636,"flow_dst_last_pkt_time":101122636,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101122636,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.64.44.11","src_port":28681,"dst_port":1352,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1452,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_packet_id":1,"flow_src_last_pkt_time":101122636,"flow_dst_last_pkt_time":101122636,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":101122636,"pkt":"UlQAEjUCCAAn5uVZCABFAABt9MQAAIARu2EKAAIPUkAsC3AJBUgAWavKICYxAiIojdyDEATTYjr6S0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00968{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1452,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101122636,"flow_src_last_pkt_time":101122636,"flow_dst_last_pkt_time":101122636,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101122636,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.64.44.11","src_port":28681,"dst_port":1352,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1452,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101122636,"flow_src_last_pkt_time":101122636,"flow_dst_last_pkt_time":101122636,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101122636,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.64.44.11","src_port":28681,"dst_port":1352,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01457{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1453,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_packet_id":2,"flow_src_last_pkt_time":101122636,"flow_dst_last_pkt_time":101161822,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":101161822,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBIEAAEAR6R9SQCwLCgACDwVIcAkC356IICYxAiIojdyDEATTYjr6S0QAAMACAAAGR1RLRwAAs3LU9XX2K5mbs3OMTMwDrBQ47bYEUkAsCwVIAQAAAASFeL+FFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIanw=="} 00731{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1454,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101162745,"flow_src_last_pkt_time":101162745,"flow_dst_last_pkt_time":101162745,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101162745,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1454,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_packet_id":1,"flow_src_last_pkt_time":101162745,"flow_dst_last_pkt_time":101162745,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":101162745,"pkt":"UlQAEjUCCAAn5uVZCABFAABte4oAAIAR7VcKAAIPLR+YcHAJaOMAWVACTGsxArv8OnSqKZfgjqpR7EQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00971{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1454,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101162745,"flow_src_last_pkt_time":101162745,"flow_dst_last_pkt_time":101162745,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101162745,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01014{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1454,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101162745,"flow_src_last_pkt_time":101162745,"flow_dst_last_pkt_time":101162745,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101162745,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1456,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_packet_id":3,"flow_src_last_pkt_time":101163011,"flow_dst_last_pkt_time":90267957,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":101163011,"pkt":"UlQAEjUCCAAn5uVZCABFAABtYHkAAIARZpMKAAIPtVSyEHAJ62YAWXddengxAvwV4+vWhWE2kdf1ukQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} 00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1458,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_packet_id":3,"flow_src_last_pkt_time":101259418,"flow_dst_last_pkt_time":89964910,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":101259418,"pkt":"UlQAEjUCCAAn5uVZCABFAABtBGcAAIARhQcKAAIPYEFEwnAJipkAWaF8mwwxArcB6GYWxEVcLYtOuEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} 00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1459,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_packet_id":3,"flow_src_last_pkt_time":101259475,"flow_dst_last_pkt_time":90003667,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":101259475,"pkt":"UlQAEjUCCAAn5uVZCABFAABteOQAAIAR6HIKAAIPM0SZ1nAJZo0AWYTH3zwxAjTRxsrRaTsZKs8ZWEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} 00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1460,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_packet_id":3,"flow_src_last_pkt_time":101259643,"flow_dst_last_pkt_time":90386058,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":101259643,"pkt":"UlQAEjUCCAAn5uVZCABFAABt0UoAAIARidoKAAIPZ+hrZHAJqfQAWbmktYQxAlY3F4usipPFNw4SZ0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} 01456{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1463,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_packet_id":2,"flow_src_last_pkt_time":101162745,"flow_dst_last_pkt_time":101305936,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":101305936,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBIUAAEARodctH5hwCgACD2jjcAkC3267TGsxArv8OnSqKZfgjqpR7EQAAMACAAAGR1RLRwAAsVtn4eBIiuGjRFoZE1N3WpOAxkUELR+YcGjjAQAAAAQ+cByLFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO0dUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSA=="} -00837{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1464,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":71216656,"flow_src_last_pkt_time":95489541,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101305936,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00880{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1464,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":71216656,"flow_src_last_pkt_time":95489541,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101305936,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00732{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1479,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101837355,"flow_src_last_pkt_time":101837355,"flow_dst_last_pkt_time":101837355,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101837355,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1479,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_packet_id":1,"flow_src_last_pkt_time":101837355,"flow_dst_last_pkt_time":101837355,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":101837355,"pkt":"UlQAEjUCCAAn5uVZCABFAABtAsIAAIAR5ekKAAIP1eVv4HAJEwwAWTJ5PKcxAijtzcGdOPipHVZyGEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -00972{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1479,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101837355,"flow_src_last_pkt_time":101837355,"flow_dst_last_pkt_time":101837355,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101837355,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01015{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1479,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101837355,"flow_src_last_pkt_time":101837355,"flow_dst_last_pkt_time":101837355,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101837355,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1538,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_packet_id":3,"flow_src_last_pkt_time":106200868,"flow_dst_last_pkt_time":90132904,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":106200868,"pkt":"UlQAEjUCCAAn5uVZCABFAABtgo8AAIAR6zkKAAIPwSX\/gnAJ8LAAWcdbqxExAsF5aprYo0LmkOznoEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} 00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1539,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_packet_id":3,"flow_src_last_pkt_time":106200960,"flow_dst_last_pkt_time":90071609,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":106200960,"pkt":"UlQAEjUCCAAn5uVZCABFAABt7XkAAIAREsQKAAIPUD3d9nAJd3EAWRpRkUIxAvIfqgvF6WkSbnxZFUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1905,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_packet_id":2,"flow_src_last_pkt_time":106314791,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":106314791,"pkt":"UlQAEjUCCAAn5uVZCABFAABtDeEAAIARAL0KAAIPQh7dtXAJLuwAWUvy0dkxAnflHs8XZg0HoKrR0EQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} 00588{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1906,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":249,"flow_packet_id":2,"flow_src_last_pkt_time":106314874,"flow_dst_last_pkt_time":89966123,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":106314874,"pkt":"UlQAEjUCCAAn5uVZCABFAABthP0AAIARBkIKAAIPLVh12nAJGv0AWUikdrExAmyl2\/D4Flpgn2PiMkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} 00590{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1907,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":251,"flow_packet_id":2,"flow_src_last_pkt_time":106314985,"flow_dst_last_pkt_time":89967108,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":106314985,"pkt":"UlQAEjUCCAAn5uVZCABFAABtv\/wAAIAR2kwKAAIPucvaXHAJ3oIAWXW3EqAxAn\/MqZ\/PxBBVRWBQQEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00972{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1911,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":1,"flow_first_seen":90738015,"flow_src_last_pkt_time":106390698,"flow_dst_last_pkt_time":106388767,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":106390698,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.7.155.210","src_port":50291,"dst_port":28365,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00878{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":54,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":65065554,"flow_src_last_pkt_time":65065784,"flow_dst_last_pkt_time":65065554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":146,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":182,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1042,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57623,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -00851{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":9752466,"flow_src_last_pkt_time":17749890,"flow_dst_last_pkt_time":9752466,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":16,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":40,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::2","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00854{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":10750507,"flow_src_last_pkt_time":10750507,"flow_dst_last_pkt_time":10750507,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00855{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":0,"flow_first_seen":9752486,"flow_src_last_pkt_time":14765993,"flow_dst_last_pkt_time":9752486,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":412,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::16","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00838{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":9752391,"flow_src_last_pkt_time":9752391,"flow_dst_last_pkt_time":9752391,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip6","src_ip":"::","dst_ip":"ff02::1:ffa4:e108","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01015{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1911,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":1,"flow_first_seen":90738015,"flow_src_last_pkt_time":106390698,"flow_dst_last_pkt_time":106388767,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":106390698,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.7.155.210","src_port":50291,"dst_port":28365,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00921{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":54,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":65065554,"flow_src_last_pkt_time":65065784,"flow_dst_last_pkt_time":65065554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":146,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":182,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1042,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57623,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00894{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":9752466,"flow_src_last_pkt_time":17749890,"flow_dst_last_pkt_time":9752466,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":16,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":40,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::2","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00897{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":10750507,"flow_src_last_pkt_time":10750507,"flow_dst_last_pkt_time":10750507,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00898{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":0,"flow_first_seen":9752486,"flow_src_last_pkt_time":14765993,"flow_dst_last_pkt_time":9752486,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":412,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::16","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00881{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":9752391,"flow_src_last_pkt_time":9752391,"flow_dst_last_pkt_time":9752391,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip6","src_ip":"::","dst_ip":"ff02::1:ffa4:e108","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00721{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61191313,"flow_src_last_pkt_time":61191313,"flow_dst_last_pkt_time":61191313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57619,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00721{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61470563,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57620,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00721{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61999388,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57621,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -1202,18 +1206,18 @@ 00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1969,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_packet_id":1,"flow_src_last_pkt_time":114930776,"flow_dst_last_pkt_time":114930776,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":114930776,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0z\/pAAIAGGNQKAAIPvZNIU8SYZfyEcE5AAAAAAIAC+vBk5AAAAgQFtAEDAwgBAQQC"} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1970,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_packet_id":2,"flow_src_last_pkt_time":114930255,"flow_dst_last_pkt_time":115039245,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":115039245,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBeIAAEAGgIBFdqLlCgACD7c6xJcA8yoBKsf7BWAS\/\/\/XGAAAAgQFtA=="} 00493{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1971,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_packet_id":3,"flow_src_last_pkt_time":115039725,"flow_dst_last_pkt_time":115039245,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":115039725,"pkt":"UlQAEjUCCAAn5uVZCABFAAAobAxAAIAGmlkKAAIPRXai5cSXtzoqx\/sFAPMqAlAQ+vDz5AAA"} -01426{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1972,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":114930255,"flow_src_last_pkt_time":115040547,"flow_dst_last_pkt_time":115039245,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":533,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":533,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":115040547,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50327,"dst_port":46906,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}},"12": {"risk":"HTTP Numeric IP Address","severity":"Low","risk_score": {"total":500,"client":450,"server":50}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download","hostname":"69.118.162.229","http": {"url":"69.118.162.229:46906\/uri-res\/N2R?urn:sha1:LXIP2A72T5H3BU3GRUMZFYNU3OYDK6FI","code":0,"content_type":"","user_agent":"gtk-gnutella\/1.2.2 (2022-02-25; GTK2; Windows x64)"}}} +01469{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1972,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":114930255,"flow_src_last_pkt_time":115040547,"flow_dst_last_pkt_time":115039245,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":533,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":533,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":115040547,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50327,"dst_port":46906,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP Numeric IP Address","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download","hostname":"69.118.162.229","http": {"url":"69.118.162.229:46906\/uri-res\/N2R?urn:sha1:LXIP2A72T5H3BU3GRUMZFYNU3OYDK6FI","code":0,"content_type":"","user_agent":"gtk-gnutella\/1.2.2 (2022-02-25; GTK2; Windows x64)"}}} 00502{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1974,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_packet_id":2,"flow_src_last_pkt_time":114930776,"flow_dst_last_pkt_time":115124425,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":115124425,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBeQAAEAGYvO9k0hTCgACD2X8xJgA9CQBhHBOQWAS\/\/9j5QAAAgQFtA=="} 00493{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1975,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_packet_id":3,"flow_src_last_pkt_time":115126121,"flow_dst_last_pkt_time":115124425,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":115126121,"pkt":"UlQAEjUCCAAn5uVZCABFAAAoz\/tAAIAGGN8KAAIPvZNIU8SYZfyEcE5BAPQkAlAQ+vCAsQAA"} -01423{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1976,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":114930776,"flow_src_last_pkt_time":115127909,"flow_dst_last_pkt_time":115124425,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":538,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":538,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":115127909,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"189.147.72.83","src_port":50328,"dst_port":26108,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}},"12": {"risk":"HTTP Numeric IP Address","severity":"Low","risk_score": {"total":500,"client":450,"server":50}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download","hostname":"189.147.72.83","http": {"url":"189.147.72.83:26108\/uri-res\/N2R?urn:sha1:LXIP2A72T5H3BU3GRUMZFYNU3OYDK6FI","code":0,"content_type":"","user_agent":"gtk-gnutella\/1.2.2 (2022-02-25; GTK2; Windows x64)"}}} +01466{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1976,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":114930776,"flow_src_last_pkt_time":115127909,"flow_dst_last_pkt_time":115124425,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":538,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":538,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":115127909,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"189.147.72.83","src_port":50328,"dst_port":26108,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP Numeric IP Address","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download","hostname":"189.147.72.83","http": {"url":"189.147.72.83:26108\/uri-res\/N2R?urn:sha1:LXIP2A72T5H3BU3GRUMZFYNU3OYDK6FI","code":0,"content_type":"","user_agent":"gtk-gnutella\/1.2.2 (2022-02-25; GTK2; Windows x64)"}}} 00732{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1980,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":335,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":115369554,"flow_src_last_pkt_time":115369554,"flow_dst_last_pkt_time":115369554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":115369554,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":37058,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1980,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":335,"flow_packet_id":1,"flow_src_last_pkt_time":115369554,"flow_dst_last_pkt_time":115369554,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":115369554,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4ticAAIARadEKAAIPDsj\/5XAJkMIAJDeaLGAxAs8iaaH\/Df9W3JltAwABAAUAAADDglFLQA=="} 00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1982,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":335,"flow_packet_id":2,"flow_src_last_pkt_time":115369554,"flow_dst_last_pkt_time":115702290,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":88,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":88,"pkt_l4_len":54,"thread_ts_usec":115702290,"pkt":"CAAn5uVZUlQAEjUCCABFAABKBegAAEARWf8OyP\/lCgACD5DCcAkANl\/hLGAxAs8iaaH\/Df9W3JltAwEBABcAAADCkA7I\/+WyNgAAAAAgAMOCUUtEGERIlw=="} -01448{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":1983,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":114930255,"flow_src_last_pkt_time":115040547,"flow_dst_last_pkt_time":116164038,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":533,"flow_dst_max_l4_payload_len":794,"flow_src_tot_l4_payload_len":533,"flow_dst_tot_l4_payload_len":794,"midstream":0,"thread_ts_usec":116164038,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50327,"dst_port":46906,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}},"12": {"risk":"HTTP Numeric IP Address","severity":"Low","risk_score": {"total":500,"client":450,"server":50}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media","hostname":"69.118.162.229","http": {"url":"69.118.162.229:46906\/uri-res\/N2R?urn:sha1:LXIP2A72T5H3BU3GRUMZFYNU3OYDK6FI","code":206,"content_type":"audio\/mpeg","user_agent":"gtk-gnutella\/1.2.2 (2022-02-25; GTK2; Windows x64)"}}} -01445{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":1990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":114930776,"flow_src_last_pkt_time":115127909,"flow_dst_last_pkt_time":116336924,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":538,"flow_dst_max_l4_payload_len":806,"flow_src_tot_l4_payload_len":538,"flow_dst_tot_l4_payload_len":806,"midstream":0,"thread_ts_usec":116336924,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"189.147.72.83","src_port":50328,"dst_port":26108,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}},"12": {"risk":"HTTP Numeric IP Address","severity":"Low","risk_score": {"total":500,"client":450,"server":50}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media","hostname":"189.147.72.83","http": {"url":"189.147.72.83:26108\/uri-res\/N2R?urn:sha1:LXIP2A72T5H3BU3GRUMZFYNU3OYDK6FI","code":206,"content_type":"audio\/mpeg","user_agent":"gtk-gnutella\/1.2.2 (2022-02-25; GTK2; Windows x64)"}}} +01491{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":1983,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":114930255,"flow_src_last_pkt_time":115040547,"flow_dst_last_pkt_time":116164038,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":533,"flow_dst_max_l4_payload_len":794,"flow_src_tot_l4_payload_len":533,"flow_dst_tot_l4_payload_len":794,"midstream":0,"thread_ts_usec":116164038,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50327,"dst_port":46906,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP Numeric IP Address","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media","hostname":"69.118.162.229","http": {"url":"69.118.162.229:46906\/uri-res\/N2R?urn:sha1:LXIP2A72T5H3BU3GRUMZFYNU3OYDK6FI","code":206,"content_type":"audio\/mpeg","user_agent":"gtk-gnutella\/1.2.2 (2022-02-25; GTK2; Windows x64)"}}} +01488{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":1990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":114930776,"flow_src_last_pkt_time":115127909,"flow_dst_last_pkt_time":116336924,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":538,"flow_dst_max_l4_payload_len":806,"flow_src_tot_l4_payload_len":538,"flow_dst_tot_l4_payload_len":806,"midstream":0,"thread_ts_usec":116336924,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"189.147.72.83","src_port":50328,"dst_port":26108,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP Numeric IP Address","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media","hostname":"189.147.72.83","http": {"url":"189.147.72.83:26108\/uri-res\/N2R?urn:sha1:LXIP2A72T5H3BU3GRUMZFYNU3OYDK6FI","code":206,"content_type":"audio\/mpeg","user_agent":"gtk-gnutella\/1.2.2 (2022-02-25; GTK2; Windows x64)"}}} 00729{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1999,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":116628965,"flow_src_last_pkt_time":116628965,"flow_dst_last_pkt_time":116628965,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":116628965,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00588{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1999,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_packet_id":1,"flow_src_last_pkt_time":116628965,"flow_dst_last_pkt_time":116628965,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":116628965,"pkt":"UlQAEjUCCAAn5uVZCABFAABtIxgAAIARvpEKAAIPUAf8wHAJGugAWSw6p+kxAjYZLonacBdkV9ywAUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -00969{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1999,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":116628965,"flow_src_last_pkt_time":116628965,"flow_dst_last_pkt_time":116628965,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":116628965,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01012{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1999,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":116628965,"flow_src_last_pkt_time":116628965,"flow_dst_last_pkt_time":116628965,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":116628965,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01463{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2000,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_packet_id":2,"flow_src_last_pkt_time":116628965,"flow_dst_last_pkt_time":116679914,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":116679914,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBfMAAEARGTFQB\/zACgACDxrocAkC3\/Iip+kxAjYZLonacBdkV9ywAUQAAMACAAAGR1RLRwAAZxkkdSip9v6JKj37UBrDicBfjMAEUAf8wBroAQAAAASysOQuFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtUw=="} 00589{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2003,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_packet_id":3,"flow_src_last_pkt_time":116776566,"flow_dst_last_pkt_time":101305936,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":116776566,"pkt":"UlQAEjUCCAAn5uVZCABFAABte4sAAIAR7VYKAAIPLR+YcHAJaOMAWSdx+0cxAtvllYjgRR1H\/sPbPUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} 00589{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2005,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_packet_id":3,"flow_src_last_pkt_time":116859120,"flow_dst_last_pkt_time":101161822,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":116859120,"pkt":"UlQAEjUCCAAn5uVZCABFAABt9MUAAIARu2AKAAIPUkAsC3AJBUgAWR\/CHmUxAhaifRIPh7YCtQDKL0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} @@ -1221,40 +1225,40 @@ 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2009,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_packet_id":3,"flow_src_last_pkt_time":116916595,"flow_dst_last_pkt_time":95753158,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":116916595,"pkt":"UlQAEjUCCAAn5uVZCABFAABtSkYAAIARukQKAAIPbYS8YnAJ9YMAWSTZAPYxAt0gaIFrQZ34NDjR2kQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2010,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_packet_id":3,"flow_src_last_pkt_time":116942486,"flow_dst_last_pkt_time":95892313,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":116942486,"pkt":"UlQAEjUCCAAn5uVZCABFAABtkeQAAIARbpkKAAIPYOzNB3AJh+oAWWt89cIxAlSvaqi63PpUHKTx3UQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} 00589{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2012,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_packet_id":3,"flow_src_last_pkt_time":116952656,"flow_dst_last_pkt_time":100920359,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":116952656,"pkt":"UlQAEjUCCAAn5uVZCABFAABtMigAAIARW8EKAAIPXjZCUnAJ+JUAWdgAXr4xAg\/r1cFsj19qlWaDPkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -02477{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":2062,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"finished","flow_src_packets_processed":10,"flow_dst_packets_processed":22,"flow_first_seen":114930255,"flow_src_last_pkt_time":119175893,"flow_dst_last_pkt_time":120208521,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":533,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":533,"flow_dst_tot_l4_payload_len":25332,"midstream":0,"thread_ts_usec":120208521,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50327,"dst_port":46906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"min":19,"avg":307222.7,"max":1138736,"stddev":463516.9,"var":214847930368.0,"ent":3.3,"data": [108990,109470,822,1560,1123233,14904,1138736,509,4088,37,4418,993404,175,19,291,993807,142,988894,159,41,989074,4759,4845,1004141,96,26,62,1004324,1027632,5162,84]},"pktlen": {"min":40,"avg":848.8,"max":1500,"stddev":665.4,"var":442787.6,"ent":4.4,"data": [52,44,40,573,40,834,1500,40,1500,1500,104,40,1500,1500,1500,898,40,40,1500,1500,1500,40,898,40,1500,1500,1500,898,40,1500,1500,1500]},"bins": {"c_to_s": [9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,15,0,0]},"directions": [0,1,0,0,1,1,1,0,1,1,1,0,1,1,1,1,0,0,1,1,1,0,1,0,1,1,1,1,0,1,1,1],"entropies": [4.609497547,4.578639030,4.630641460,5.871806145,4.521928787,5.952865124,0.550871491,4.780641079,0.258170635,0.344010741,2.390491486,4.730641365,0.581234336,0.509969771,0.584714293,5.567255974,4.730641365,4.780641079,7.829332829,7.753004074,7.739068508,4.630640984,7.696638107,4.680641174,7.725103855,7.755664349,7.761345387,7.697982311,4.780641079,7.769303799,7.739727497,7.769325733]},"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}},"12": {"risk":"HTTP Numeric IP Address","severity":"Low","risk_score": {"total":500,"client":450,"server":50}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media"}} -02260{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":2072,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":90742816,"flow_src_last_pkt_time":121143186,"flow_dst_last_pkt_time":117002254,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1696,"flow_dst_tot_l4_payload_len":3374,"midstream":0,"thread_ts_usec":121143186,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50300,"dst_port":11852,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"min":49,"avg":1827735.8,"max":13801588,"stddev":3934254.5,"var":15478358540288.0,"ent":2.8,"data": [17190,17418,3506,3946,14197,14999,687,2797,2855,25798,49,26144,8990,9323,15893,71757,495574,483536,221196,265159,15579,77266,487598,467678,9468962,9510672,13760964,13801588,1593559,1633954,4140974]},"pktlen": {"min":40,"avg":198.9,"max":1500,"stddev":294.0,"var":86413.1,"ent":4.0,"data": [52,44,40,639,40,699,111,40,304,40,1500,180,40,166,40,91,40,219,40,404,40,387,40,507,40,115,40,111,40,176,40,101]},"bins": {"c_to_s": [8,1,2,1,1,0,0,0,1,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [8,1,1,0,1,1,0,0,0,0,1,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0]},"directions": [0,1,0,0,1,1,0,1,0,1,1,1,0,0,1,1,0,1,0,0,1,1,0,1,0,0,1,1,0,0,1,0],"entropies": [4.624014378,4.823068142,4.780641079,5.806199551,4.621928692,5.719610691,5.576837540,4.671928883,5.283092022,4.671928883,7.655467510,6.721651554,4.721928596,6.328861237,4.558695793,5.166602612,4.830641270,6.855683327,4.780641556,7.482919216,4.671928883,7.395811558,4.730640888,7.500388622,4.830641270,5.985765934,4.621928692,5.830484867,4.830641270,6.691635132,4.621928692,5.872485161]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +02520{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":2062,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"finished","flow_src_packets_processed":10,"flow_dst_packets_processed":22,"flow_first_seen":114930255,"flow_src_last_pkt_time":119175893,"flow_dst_last_pkt_time":120208521,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":533,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":533,"flow_dst_tot_l4_payload_len":25332,"midstream":0,"thread_ts_usec":120208521,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50327,"dst_port":46906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"min":19,"avg":307222.7,"max":1138736,"stddev":463516.9,"var":214847930368.0,"ent":3.3,"data": [108990,109470,822,1560,1123233,14904,1138736,509,4088,37,4418,993404,175,19,291,993807,142,988894,159,41,989074,4759,4845,1004141,96,26,62,1004324,1027632,5162,84]},"pktlen": {"min":40,"avg":848.8,"max":1500,"stddev":665.4,"var":442787.6,"ent":4.4,"data": [52,44,40,573,40,834,1500,40,1500,1500,104,40,1500,1500,1500,898,40,40,1500,1500,1500,40,898,40,1500,1500,1500,898,40,1500,1500,1500]},"bins": {"c_to_s": [9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,15,0,0]},"directions": [0,1,0,0,1,1,1,0,1,1,1,0,1,1,1,1,0,0,1,1,1,0,1,0,1,1,1,1,0,1,1,1],"entropies": [4.609497547,4.578639030,4.630641460,5.871806145,4.521928787,5.952865124,0.550871491,4.780641079,0.258170635,0.344010741,2.390491486,4.730641365,0.581234336,0.509969771,0.584714293,5.567255974,4.730641365,4.780641079,7.829332829,7.753004074,7.739068508,4.630640984,7.696638107,4.680641174,7.725103855,7.755664349,7.761345387,7.697982311,4.780641079,7.769303799,7.739727497,7.769325733]},"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP Numeric IP Address","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media"}} +02303{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":2072,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":90742816,"flow_src_last_pkt_time":121143186,"flow_dst_last_pkt_time":117002254,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1696,"flow_dst_tot_l4_payload_len":3374,"midstream":0,"thread_ts_usec":121143186,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50300,"dst_port":11852,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"min":49,"avg":1827735.8,"max":13801588,"stddev":3934254.5,"var":15478358540288.0,"ent":2.8,"data": [17190,17418,3506,3946,14197,14999,687,2797,2855,25798,49,26144,8990,9323,15893,71757,495574,483536,221196,265159,15579,77266,487598,467678,9468962,9510672,13760964,13801588,1593559,1633954,4140974]},"pktlen": {"min":40,"avg":198.9,"max":1500,"stddev":294.0,"var":86413.1,"ent":4.0,"data": [52,44,40,639,40,699,111,40,304,40,1500,180,40,166,40,91,40,219,40,404,40,387,40,507,40,115,40,111,40,176,40,101]},"bins": {"c_to_s": [8,1,2,1,1,0,0,0,1,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [8,1,1,0,1,1,0,0,0,0,1,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0]},"directions": [0,1,0,0,1,1,0,1,0,1,1,1,0,0,1,1,0,1,0,0,1,1,0,1,0,0,1,1,0,0,1,0],"entropies": [4.624014378,4.823068142,4.780641079,5.806199551,4.621928692,5.719610691,5.576837540,4.671928883,5.283092022,4.671928883,7.655467510,6.721651554,4.721928596,6.328861237,4.558695793,5.166602612,4.830641270,6.855683327,4.780641556,7.482919216,4.671928883,7.395811558,4.730640888,7.500388622,4.830641270,5.985765934,4.621928692,5.830484867,4.830641270,6.691635132,4.621928692,5.872485161]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00729{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72852470,"flow_src_last_pkt_time":72852470,"flow_dst_last_pkt_time":72852470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72850420,"flow_src_last_pkt_time":72850420,"flow_dst_last_pkt_time":72850420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.141.219.27","src_port":28681,"dst_port":37580,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00728{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540581,"flow_src_last_pkt_time":71540581,"flow_dst_last_pkt_time":71540581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.23.75.69","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00727{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":88,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230940,"flow_src_last_pkt_time":70230940,"flow_dst_last_pkt_time":70230940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.50.24.2","src_port":28681,"dst_port":17874,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00883{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":13118832,"flow_src_last_pkt_time":15640687,"flow_dst_last_pkt_time":13118832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1073,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1073,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":12876,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63957,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00879{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":15469932,"flow_src_last_pkt_time":22405999,"flow_dst_last_pkt_time":15469932,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4368,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63964,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00870{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12446804,"flow_src_last_pkt_time":12446804,"flow_dst_last_pkt_time":12446804,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":314,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":314,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":314,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"0.0.0.0","dst_ip":"255.255.255.255","src_port":68,"dst_port":67,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00865{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12447076,"flow_src_last_pkt_time":12447076,"flow_dst_last_pkt_time":12447076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":548,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":548,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":548,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","src_port":67,"dst_port":68,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00871{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"finished","flow_src_packets_processed":15,"flow_dst_packets_processed":0,"flow_first_seen":12827507,"flow_src_last_pkt_time":41755684,"flow_dst_last_pkt_time":12827507,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":50,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":68,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":966,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":137,"dst_port":137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"NetBIOS","proto_id":"10","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -00999{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":16487243,"flow_src_last_pkt_time":73950296,"flow_dst_last_pkt_time":16487243,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":402,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} +00926{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":13118832,"flow_src_last_pkt_time":15640687,"flow_dst_last_pkt_time":13118832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1073,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1073,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":12876,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63957,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00922{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":15469932,"flow_src_last_pkt_time":22405999,"flow_dst_last_pkt_time":15469932,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4368,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63964,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00913{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12446804,"flow_src_last_pkt_time":12446804,"flow_dst_last_pkt_time":12446804,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":314,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":314,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":314,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"0.0.0.0","dst_ip":"255.255.255.255","src_port":68,"dst_port":67,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00908{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12447076,"flow_src_last_pkt_time":12447076,"flow_dst_last_pkt_time":12447076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":548,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":548,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":548,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","src_port":67,"dst_port":68,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00914{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"finished","flow_src_packets_processed":15,"flow_dst_packets_processed":0,"flow_first_seen":12827507,"flow_src_last_pkt_time":41755684,"flow_dst_last_pkt_time":12827507,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":50,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":68,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":966,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":137,"dst_port":137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"NetBIOS","proto_id":"10","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +01042{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":16487243,"flow_src_last_pkt_time":73950296,"flow_dst_last_pkt_time":16487243,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":402,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":96,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535614,"flow_src_last_pkt_time":71535614,"flow_dst_last_pkt_time":71535614,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.160.214.137","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00879{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":0,"flow_first_seen":15284358,"flow_src_last_pkt_time":23969210,"flow_dst_last_pkt_time":15284358,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":101,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":137,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63962,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00922{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":0,"flow_first_seen":15284358,"flow_src_last_pkt_time":23969210,"flow_dst_last_pkt_time":15284358,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":101,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":137,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63962,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71541038,"flow_src_last_pkt_time":71541038,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.100","src_port":28681,"dst_port":46385,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":100,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71536922,"flow_src_last_pkt_time":71536922,"flow_dst_last_pkt_time":71536922,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.133.122.217","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540885,"flow_src_last_pkt_time":71540885,"flow_dst_last_pkt_time":71540885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.120.243.143","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":115,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540687,"flow_src_last_pkt_time":71540687,"flow_dst_last_pkt_time":71540687,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.104","src_port":28681,"dst_port":11804,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":101,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537199,"flow_src_last_pkt_time":71537199,"flow_dst_last_pkt_time":71537199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":98,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71536330,"flow_src_last_pkt_time":71536330,"flow_dst_last_pkt_time":71536330,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.222.14.170","src_port":28681,"dst_port":23332,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00891{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":13118724,"flow_src_last_pkt_time":15640529,"flow_dst_last_pkt_time":13118724,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1091,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1091,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":13092,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63958,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00887{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":15469659,"flow_src_last_pkt_time":21843510,"flow_dst_last_pkt_time":15469659,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4368,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63965,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00934{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":13118724,"flow_src_last_pkt_time":15640529,"flow_dst_last_pkt_time":13118724,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1091,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1091,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":13092,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63958,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00930{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":15469659,"flow_src_last_pkt_time":21843510,"flow_dst_last_pkt_time":15469659,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4368,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63965,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":131,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851488,"flow_src_last_pkt_time":72851488,"flow_dst_last_pkt_time":72851488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.225.140.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540138,"flow_src_last_pkt_time":71540138,"flow_dst_last_pkt_time":71540138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.65.141.157","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":106,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538650,"flow_src_last_pkt_time":71538650,"flow_dst_last_pkt_time":71538650,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.39.154.69","src_port":28681,"dst_port":4832,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72853366,"flow_src_last_pkt_time":72853366,"flow_dst_last_pkt_time":72853366,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.226.142","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72853723,"flow_src_last_pkt_time":72853723,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.97.199.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00869{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529525,"flow_src_last_pkt_time":43193100,"flow_dst_last_pkt_time":12529525,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.251","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00912{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529525,"flow_src_last_pkt_time":43193100,"flow_dst_last_pkt_time":12529525,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.251","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":126,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72849569,"flow_src_last_pkt_time":72849569,"flow_dst_last_pkt_time":72849569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.69.159.133","src_port":28681,"dst_port":28000,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00883{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":15285641,"flow_src_last_pkt_time":21297325,"flow_dst_last_pkt_time":15285641,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":95,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":475,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63960,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00926{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":15285641,"flow_src_last_pkt_time":21297325,"flow_dst_last_pkt_time":15285641,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":95,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":475,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63960,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":136,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72852834,"flow_src_last_pkt_time":72852834,"flow_dst_last_pkt_time":72852834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.236.247.120","src_port":28681,"dst_port":16047,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00729{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":86,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230444,"flow_src_last_pkt_time":70230444,"flow_dst_last_pkt_time":70230444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.210.244.72","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00729{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230046,"flow_src_last_pkt_time":70230046,"flow_dst_last_pkt_time":70230046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.138.20.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00883{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529625,"flow_src_last_pkt_time":43193303,"flow_dst_last_pkt_time":12529625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::fb","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00926{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529625,"flow_src_last_pkt_time":43193303,"flow_dst_last_pkt_time":12529625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::fb","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72852642,"flow_src_last_pkt_time":72852642,"flow_dst_last_pkt_time":72852642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.250.99.158","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":127,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72850054,"flow_src_last_pkt_time":72850054,"flow_dst_last_pkt_time":72850054,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.191.49.159","src_port":28681,"dst_port":1024,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":112,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540307,"flow_src_last_pkt_time":71540307,"flow_dst_last_pkt_time":71540307,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.213.146","src_port":28681,"dst_port":21750,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -1269,17 +1273,17 @@ 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":103,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537931,"flow_src_last_pkt_time":71537931,"flow_dst_last_pkt_time":71537931,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.134.167.82","src_port":28681,"dst_port":5820,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":97,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535977,"flow_src_last_pkt_time":71535977,"flow_dst_last_pkt_time":71535977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":28681,"dst_port":49046,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":104,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538247,"flow_src_last_pkt_time":71538247,"flow_dst_last_pkt_time":71538247,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.98.115.128","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00885{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":12461875,"flow_src_last_pkt_time":75501587,"flow_dst_last_pkt_time":12461875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":91,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":91,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":637,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:2","src_port":546,"dst_port":547,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCPV6","proto_id":"103","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00928{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":12461875,"flow_src_last_pkt_time":75501587,"flow_dst_last_pkt_time":12461875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":91,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":91,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":637,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:2","src_port":546,"dst_port":547,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCPV6","proto_id":"103","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72853009,"flow_src_last_pkt_time":72853009,"flow_dst_last_pkt_time":72853009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.65.70.197","src_port":28681,"dst_port":21693,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71539473,"flow_src_last_pkt_time":71539473,"flow_dst_last_pkt_time":71539473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.169.2.153","src_port":28681,"dst_port":52414,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72853538,"flow_src_last_pkt_time":72853538,"flow_dst_last_pkt_time":72853538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.197.111.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":102,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537663,"flow_src_last_pkt_time":71537663,"flow_dst_last_pkt_time":71537663,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.39.233","src_port":28681,"dst_port":20855,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":108,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71539248,"flow_src_last_pkt_time":71539248,"flow_dst_last_pkt_time":71539248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.242.110","src_port":28681,"dst_port":7922,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00873{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529999,"flow_src_last_pkt_time":12529999,"flow_dst_last_pkt_time":12529999,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00916{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529999,"flow_src_last_pkt_time":12529999,"flow_dst_last_pkt_time":12529999,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540385,"flow_src_last_pkt_time":71540385,"flow_dst_last_pkt_time":71540385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"105.101.132.146","src_port":28681,"dst_port":57746,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00729{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":132,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851799,"flow_src_last_pkt_time":72851799,"flow_dst_last_pkt_time":72851799,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"79.86.173.45","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230689,"flow_src_last_pkt_time":70230689,"flow_dst_last_pkt_time":70230689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.131.85.245","src_port":28681,"dst_port":31743,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00887{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529920,"flow_src_last_pkt_time":12529920,"flow_dst_last_pkt_time":12529920,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00930{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529920,"flow_src_last_pkt_time":12529920,"flow_dst_last_pkt_time":12529920,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":110,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71539621,"flow_src_last_pkt_time":71539621,"flow_dst_last_pkt_time":71539621,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.132.75.56","src_port":28681,"dst_port":56009,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":105,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538408,"flow_src_last_pkt_time":71538408,"flow_dst_last_pkt_time":71538408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2082,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72853189,"flow_src_last_pkt_time":72853189,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":121253102,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"167.114.170.156","src_port":28681,"dst_port":23844,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -1287,57 +1291,57 @@ 00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2111,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_packet_id":3,"flow_src_last_pkt_time":123877237,"flow_dst_last_pkt_time":95941178,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":123877237,"pkt":"UlQAEjUCCAAn5uVZCABFAABtptcAAIAR2PwKAAIPpIQKGXAJ2AYAWdpE9ZMxAnuYArMNMRKsJogRPUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} 00731{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2113,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":337,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912290,"flow_src_last_pkt_time":123912290,"flow_dst_last_pkt_time":123912290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":123912290,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.116.64.132","src_port":28681,"dst_port":51227,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2113,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":337,"flow_packet_id":1,"flow_src_last_pkt_time":123912290,"flow_dst_last_pkt_time":123912290,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":123912290,"pkt":"UlQAEjUCCAAn5uVZCABFAABtUhMAAIARg2YKAAIPGHRAhHAJyBsAWUp2fKAxAtxaLOqCcitFlOv4V0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -00971{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2113,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":337,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912290,"flow_src_last_pkt_time":123912290,"flow_dst_last_pkt_time":123912290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":123912290,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.116.64.132","src_port":28681,"dst_port":51227,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01014{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2113,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":337,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912290,"flow_src_last_pkt_time":123912290,"flow_dst_last_pkt_time":123912290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":123912290,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.116.64.132","src_port":28681,"dst_port":51227,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2114,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912514,"flow_src_last_pkt_time":123912514,"flow_dst_last_pkt_time":123912514,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":123912514,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.198.205.196","src_port":28681,"dst_port":20778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2114,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":338,"flow_packet_id":1,"flow_src_last_pkt_time":123912514,"flow_dst_last_pkt_time":123912514,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":123912514,"pkt":"UlQAEjUCCAAn5uVZCABFAABt60MAAIARl6IKAAIP3cbNxHAJUSoAWRoYg28xAvjrsUFUSfHbBKidMkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -00973{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2114,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912514,"flow_src_last_pkt_time":123912514,"flow_dst_last_pkt_time":123912514,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":123912514,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.198.205.196","src_port":28681,"dst_port":20778,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01016{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2114,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912514,"flow_src_last_pkt_time":123912514,"flow_dst_last_pkt_time":123912514,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":123912514,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.198.205.196","src_port":28681,"dst_port":20778,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00731{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2115,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912731,"flow_src_last_pkt_time":123912731,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":123912731,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":54130,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00588{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2115,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_packet_id":1,"flow_src_last_pkt_time":123912731,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":123912731,"pkt":"UlQAEjUCCAAn5uVZCABFAABtoEYAAIAR\/8UKAAIPV3s26nAJ03IAWfTcKgkxAlGmPJUzLkH07Ma7h0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -00971{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2115,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912731,"flow_src_last_pkt_time":123912731,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":123912731,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":54130,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01014{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2115,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912731,"flow_src_last_pkt_time":123912731,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":123912731,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":54130,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01462{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2118,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":338,"flow_packet_id":2,"flow_src_last_pkt_time":123912514,"flow_dst_last_pkt_time":124065276,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":124065276,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBkcAAEARuhndxs3ECgACD1EqcAkC3zKOg28xAvjrsUFUSfHbBKidMkQAAMACAAAGR1RLRwAAhAWx\/4G\/aeOxkw5wrlcHOTlCresE3cbNxFEqAQAAAAT9knizFEdUS0cAAIPPdMtTw3ywAQrcKHskULaFt8T9BFd7NurTckdUS0cAAIBDDfCNVDqFgBWTNBe\/R1a2V7AXBLm7Sq3Q8UdUS0cAAI1c\/QX9I39S2eczHf8bGxQqBh3SBCaOd+rCRFdTSFIAAIsML3baZ9qjEzov01XuwUWPp8CvBBiB6TxOFldTSFIAAIgInuBYn2DWNYTpgSOhE3nGOSSqBGLQGpoTgldTSFIAAJMpLUy99S6l5+o3G\/7HZbY0zUPGBFnUW5sUS1NOT1cAAJJLJdecP9uDvZhuUeP7MwcedtuWBM8mo+QaekdUS0cAAJ6Xxzbx1oA8a67zMFTEYzHds+ukBEziVWkYyldTSFIAAJ7Bez1ZQQgPxovuLAykgS8CMrDdBLAKqQox\/0dUS0cAAJp\/6ofTpH0Z7c9sfONgy\/6jjg5ZBFTFYV4FUFdTSFIAAJgFqYyWS9v2Yq4KyYrmzTVJWc5SBGP6\/WMuK0dUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO0dUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAALd6AZ7svQKtiRxAHRTzpxSemu\/LBNXlb+ATDEdUS0cAALSr6ArQaneMzMJ81PWuqjO12gqLBLV2NdR1LkdUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSEdUS0cAALFbZ+HgSIrho0RaGRNTd1qTgMZFBC0fmHBo40dUS0cAAL1cZVAaZZhJTOPlkpw6jfT8aYRtBD\/kr6kHkA=="} 00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2119,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":302,"flow_packet_id":3,"flow_src_last_pkt_time":124065911,"flow_dst_last_pkt_time":90892029,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":124065911,"pkt":"UlQAEjUCCAAn5uVZCABFAABtOI8AAIAR8XkKAAIPubtKrXAJ0PEAWeogCGsxAoAKiW4WeGL5TjmTYEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} 00732{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2120,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124066131,"flow_src_last_pkt_time":124066131,"flow_dst_last_pkt_time":124066131,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124066131,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49732,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2120,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_packet_id":1,"flow_src_last_pkt_time":124066131,"flow_dst_last_pkt_time":124066131,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":124066131,"pkt":"UlQAEjUCCAAn5uVZCABFAABtpB8AAIAR69kKAAIPJo536nAJwkQAWcjqSEIxAiBrw4qXLe42xzCJ9UQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -00972{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2120,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124066131,"flow_src_last_pkt_time":124066131,"flow_dst_last_pkt_time":124066131,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124066131,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49732,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01015{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2120,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124066131,"flow_src_last_pkt_time":124066131,"flow_dst_last_pkt_time":124066131,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124066131,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49732,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00731{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2121,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":341,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124066283,"flow_src_last_pkt_time":124066283,"flow_dst_last_pkt_time":124066283,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124066283,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.129.233.60","src_port":28681,"dst_port":19990,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00588{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2121,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":341,"flow_packet_id":1,"flow_src_last_pkt_time":124066283,"flow_dst_last_pkt_time":124066283,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":124066283,"pkt":"UlQAEjUCCAAn5uVZCABFAABtsCgAAIARfIsKAAIPGIHpPHAJThYAWZr\/PMAxAkVlEJdEiTyKQUzsekQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -00971{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2121,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":341,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124066283,"flow_src_last_pkt_time":124066283,"flow_dst_last_pkt_time":124066283,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124066283,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.129.233.60","src_port":28681,"dst_port":19990,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01014{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2121,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":341,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124066283,"flow_src_last_pkt_time":124066283,"flow_dst_last_pkt_time":124066283,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124066283,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.129.233.60","src_port":28681,"dst_port":19990,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00730{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2123,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090360,"flow_src_last_pkt_time":124090360,"flow_dst_last_pkt_time":124090360,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124090360,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.208.26.154","src_port":28681,"dst_port":4994,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2123,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_packet_id":1,"flow_src_last_pkt_time":124090360,"flow_dst_last_pkt_time":124090360,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":124090360,"pkt":"UlQAEjUCCAAn5uVZCABFAABtt4sAAIAR+XsKAAIPYtAamnAJE4IAWYPzFGQxAgG2rIRjjgWOdH93UEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -00970{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2123,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090360,"flow_src_last_pkt_time":124090360,"flow_dst_last_pkt_time":124090360,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124090360,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.208.26.154","src_port":28681,"dst_port":4994,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01013{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2123,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090360,"flow_src_last_pkt_time":124090360,"flow_dst_last_pkt_time":124090360,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124090360,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.208.26.154","src_port":28681,"dst_port":4994,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00730{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2124,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":343,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090579,"flow_src_last_pkt_time":124090579,"flow_dst_last_pkt_time":124090579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124090579,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.212.91.155","src_port":28681,"dst_port":5195,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2124,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":343,"flow_packet_id":1,"flow_src_last_pkt_time":124090579,"flow_dst_last_pkt_time":124090579,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":124090579,"pkt":"UlQAEjUCCAAn5uVZCABFAABt2TsAAIARn8YKAAIPWdRbm3AJFEsAWd1KrbwxApZ9ZL+wNENsMFG4eUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -00970{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2124,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":343,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090579,"flow_src_last_pkt_time":124090579,"flow_dst_last_pkt_time":124090579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124090579,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.212.91.155","src_port":28681,"dst_port":5195,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01013{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2124,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":343,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090579,"flow_src_last_pkt_time":124090579,"flow_dst_last_pkt_time":124090579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124090579,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.212.91.155","src_port":28681,"dst_port":5195,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00731{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2125,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090730,"flow_src_last_pkt_time":124090730,"flow_dst_last_pkt_time":124090730,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124090730,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":28681,"dst_port":6778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00588{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2125,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_packet_id":1,"flow_src_last_pkt_time":124090730,"flow_dst_last_pkt_time":124090730,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":124090730,"pkt":"UlQAEjUCCAAn5uVZCABFAABtN+oAAIARg3wKAAIPzyaj5HAJGnoAWUl8GqIxAsDHb8ARC\/TCVyKtTkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -00971{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2125,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090730,"flow_src_last_pkt_time":124090730,"flow_dst_last_pkt_time":124090730,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124090730,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":28681,"dst_port":6778,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01014{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2125,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090730,"flow_src_last_pkt_time":124090730,"flow_dst_last_pkt_time":124090730,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124090730,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":28681,"dst_port":6778,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01460{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2126,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_packet_id":2,"flow_src_last_pkt_time":124066131,"flow_dst_last_pkt_time":124181723,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":124181723,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBkkAAEARxyomjnfqCgACD8JEcAkC3z99SEIxAiBrw4qXLe42xzCJ9UQAAMACAAAGR1RLRwAAjVz9Bf0jf1LZ5zMd\/xsbFCoGHdIEJo536sJEAQAAAAT9X3JyFEdUS0cAAIQFsf+Bv2njsZMOcK5XBzk5Qq3rBN3GzcRRKkdUS0cAAIPPdMtTw3ywAQrcKHskULaFt8T9BFd7NurTckdUS0cAAIBDDfCNVDqFgBWTNBe\/R1a2V7AXBLm7Sq3Q8VdTSFIAAIsML3baZ9qjEzov01XuwUWPp8CvBBiB6TxOFldTSFIAAIgInuBYn2DWNYTpgSOhE3nGOSSqBGLQGpoTgldTSFIAAJMpLUy99S6l5+o3G\/7HZbY0zUPGBFnUW5sUS1NOT1cAAJJLJdecP9uDvZhuUeP7MwcedtuWBM8mo+QaekdUS0cAAJ6Xxzbx1oA8a67zMFTEYzHds+ukBEziVWkYyldTSFIAAJ7Bez1ZQQgPxovuLAykgS8CMrDdBLAKqQox\/0dUS0cAAJp\/6ofTpH0Z7c9sfONgy\/6jjg5ZBFTFYV4FUFdTSFIAAJgFqYyWS9v2Yq4KyYrmzTVJWc5SBGP6\/WMuK0dUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO0dUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAALd6AZ7svQKtiRxAHRTzpxSemu\/LBNXlb+ATDEdUS0cAALSr6ArQaneMzMJ81PWuqjO12gqLBLV2NdR1LkdUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSEdUS0cAALFbZ+HgSIrho0RaGRNTd1qTgMZFBC0fmHBo40dUS0cAAL1cZVAaZZhJTOPlkpw6jfT8aYRtBD\/kr6kHkA=="} -02509{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":2138,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_state":"finished","flow_src_packets_processed":11,"flow_dst_packets_processed":21,"flow_first_seen":114930776,"flow_src_last_pkt_time":123432179,"flow_dst_last_pkt_time":124445371,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":538,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":538,"flow_dst_tot_l4_payload_len":22968,"midstream":0,"thread_ts_usec":124445371,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"189.147.72.83","src_port":50328,"dst_port":26108,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"min":42,"avg":581161.2,"max":1214808,"stddev":505873.5,"var":255907954688.0,"ent":4.2,"data": [193649,195345,1788,3675,1208824,5559,69,1214808,993314,122,993548,1040345,116,1040488,1001310,128,1001514,998194,120,998177,1008259,218,1008532,1046807,141,1046873,1000209,118,1000330,1013376,42]},"pktlen": {"min":40,"avg":775.1,"max":1500,"stddev":623.9,"var":389219.0,"ent":4.4,"data": [52,44,40,578,40,846,1500,326,40,1500,1132,40,1500,1132,40,1500,1132,40,1500,1132,40,1500,1132,40,1500,1132,40,1500,1132,40,1500,1132]},"bins": {"c_to_s": [10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [2,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,9,0,0]},"directions": [0,1,0,0,1,1,1,1,0,1,1,0,1,1,0,1,1,0,1,1,0,1,1,0,1,1,0,1,1,0,1,1],"entropies": [4.624014378,4.777613640,4.730640888,5.858736038,4.571928978,5.938837528,7.826196671,7.250766277,4.730641365,7.843273640,7.780950546,4.780641079,7.843047142,7.798923969,4.780641079,7.867131710,7.830142498,4.671928406,7.858473778,7.796208858,4.780641079,7.826694965,7.757758141,4.730641365,7.853250504,7.817744732,4.780641079,7.872528076,7.809401989,4.780641079,7.820863247,7.791663170]},"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}},"12": {"risk":"HTTP Numeric IP Address","severity":"Low","risk_score": {"total":500,"client":450,"server":50}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media"}} +02552{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":2138,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_state":"finished","flow_src_packets_processed":11,"flow_dst_packets_processed":21,"flow_first_seen":114930776,"flow_src_last_pkt_time":123432179,"flow_dst_last_pkt_time":124445371,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":538,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":538,"flow_dst_tot_l4_payload_len":22968,"midstream":0,"thread_ts_usec":124445371,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"189.147.72.83","src_port":50328,"dst_port":26108,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"min":42,"avg":581161.2,"max":1214808,"stddev":505873.5,"var":255907954688.0,"ent":4.2,"data": [193649,195345,1788,3675,1208824,5559,69,1214808,993314,122,993548,1040345,116,1040488,1001310,128,1001514,998194,120,998177,1008259,218,1008532,1046807,141,1046873,1000209,118,1000330,1013376,42]},"pktlen": {"min":40,"avg":775.1,"max":1500,"stddev":623.9,"var":389219.0,"ent":4.4,"data": [52,44,40,578,40,846,1500,326,40,1500,1132,40,1500,1132,40,1500,1132,40,1500,1132,40,1500,1132,40,1500,1132,40,1500,1132,40,1500,1132]},"bins": {"c_to_s": [10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [2,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,9,0,0]},"directions": [0,1,0,0,1,1,1,1,0,1,1,0,1,1,0,1,1,0,1,1,0,1,1,0,1,1,0,1,1,0,1,1],"entropies": [4.624014378,4.777613640,4.730640888,5.858736038,4.571928978,5.938837528,7.826196671,7.250766277,4.730641365,7.843273640,7.780950546,4.780641079,7.843047142,7.798923969,4.780641079,7.867131710,7.830142498,4.671928406,7.858473778,7.796208858,4.780641079,7.826694965,7.757758141,4.730641365,7.853250504,7.817744732,4.780641079,7.872528076,7.809401989,4.780641079,7.820863247,7.791663170]},"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP Numeric IP Address","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media"}} 00730{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2164,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":126831784,"flow_src_last_pkt_time":126831784,"flow_dst_last_pkt_time":126831784,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":126831784,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50330,"dst_port":46906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} 00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2164,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_packet_id":1,"flow_src_last_pkt_time":126831784,"flow_dst_last_pkt_time":126831784,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":126831784,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0bCBAAIAGmjkKAAIPRXai5cSatzq0d6IdAAAAAIAC+vCtSgAAAgQFtAEDAwgBAQQC"} 00503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2165,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_packet_id":2,"flow_src_last_pkt_time":126831784,"flow_dst_last_pkt_time":126943376,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":126943376,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBmMAAEAGf\/9FdqLlCgACD7c6xJoBCaABtHeiHmAS\/\/8wNgAAAgQFtA=="} 00492{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2166,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_packet_id":3,"flow_src_last_pkt_time":126943824,"flow_dst_last_pkt_time":126943376,"flow_idle_time":3285032704,"pkt_oversize":false,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":126943824,"pkt":"UlQAEjUCCAAn5uVZCABFAAAobCFAAIAGmkQKAAIPRXai5cSatzq0d6IeAQmgAlAQ+vBNAgAA"} -01462{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2167,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":126831784,"flow_src_last_pkt_time":126944176,"flow_dst_last_pkt_time":126943376,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":513,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":513,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":126944176,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50330,"dst_port":46906,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}},"12": {"risk":"HTTP Numeric IP Address","severity":"Low","risk_score": {"total":500,"client":450,"server":50}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download","hostname":"69.118.162.229","http": {"url":"69.118.162.229:46906\/gnutella\/thex\/v1?urn:tree:tiger\/:3WMUS6WM2ZC7XIPRQDKXWHHJRV4IKYC4OX4ELCA&depth=9&ed2k=1","code":0,"content_type":"","user_agent":"gtk-gnutella\/1.2.2 (2022-02-25; GTK2; Windows x64)"}}} +01505{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2167,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":126831784,"flow_src_last_pkt_time":126944176,"flow_dst_last_pkt_time":126943376,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":513,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":513,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":126944176,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50330,"dst_port":46906,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP Numeric IP Address","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download","hostname":"69.118.162.229","http": {"url":"69.118.162.229:46906\/gnutella\/thex\/v1?urn:tree:tiger\/:3WMUS6WM2ZC7XIPRQDKXWHHJRV4IKYC4OX4ELCA&depth=9&ed2k=1","code":0,"content_type":"","user_agent":"gtk-gnutella\/1.2.2 (2022-02-25; GTK2; Windows x64)"}}} 00730{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2197,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174282,"flow_src_last_pkt_time":129174282,"flow_dst_last_pkt_time":129174282,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129174282,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.226.85.105","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00588{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2197,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":346,"flow_packet_id":1,"flow_src_last_pkt_time":129174282,"flow_dst_last_pkt_time":129174282,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":129174282,"pkt":"UlQAEjUCCAAn5uVZCABFAABtuPMAAIAR0zIKAAIPTOJVaXAJGMoAWVtEeBkxArN0R\/zFhR7fMHiNqUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -00970{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2197,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174282,"flow_src_last_pkt_time":129174282,"flow_dst_last_pkt_time":129174282,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129174282,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.226.85.105","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01013{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2197,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174282,"flow_src_last_pkt_time":129174282,"flow_dst_last_pkt_time":129174282,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129174282,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.226.85.105","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00731{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2198,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":347,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174425,"flow_src_last_pkt_time":129174425,"flow_dst_last_pkt_time":129174425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129174425,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.10.169.10","src_port":28681,"dst_port":12799,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00588{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2198,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":347,"flow_packet_id":1,"flow_src_last_pkt_time":129174425,"flow_dst_last_pkt_time":129174425,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":129174425,"pkt":"UlQAEjUCCAAn5uVZCABFAABt3TUAAIAR+CYKAAIPsAqpCnAJMf8AWSFl+80xAiQL9J1qTYJox\/q2yUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -00971{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2198,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":347,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174425,"flow_src_last_pkt_time":129174425,"flow_dst_last_pkt_time":129174425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129174425,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.10.169.10","src_port":28681,"dst_port":12799,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01014{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2198,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":347,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174425,"flow_src_last_pkt_time":129174425,"flow_dst_last_pkt_time":129174425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129174425,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.10.169.10","src_port":28681,"dst_port":12799,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00729{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2199,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":348,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174578,"flow_src_last_pkt_time":129174578,"flow_dst_last_pkt_time":129174578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129174578,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.197.97.94","src_port":28681,"dst_port":1360,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2199,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":348,"flow_packet_id":1,"flow_src_last_pkt_time":129174578,"flow_dst_last_pkt_time":129174578,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":129174578,"pkt":"UlQAEjUCCAAn5uVZCABFAABttG4AAIARw98KAAIPVMVhXnAJBVAAWURxEsIxAlakBl2ebhXyeemOeEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -00969{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2199,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":348,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174578,"flow_src_last_pkt_time":129174578,"flow_dst_last_pkt_time":129174578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129174578,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.197.97.94","src_port":28681,"dst_port":1360,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01012{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2199,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":348,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174578,"flow_src_last_pkt_time":129174578,"flow_dst_last_pkt_time":129174578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129174578,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.197.97.94","src_port":28681,"dst_port":1360,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00700{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2200,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":349,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129210409,"flow_src_last_pkt_time":129210409,"flow_dst_last_pkt_time":129210409,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":117,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":117,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129210409,"l3_proto":"ip4","src_ip":"84.197.97.94","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3} 00628{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2200,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":349,"flow_packet_id":1,"flow_src_last_pkt_time":129210409,"flow_dst_last_pkt_time":129210409,"flow_idle_time":140000000,"pkt_oversize":false,"pkt_caplen":151,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":151,"pkt_l4_len":117,"thread_ts_usec":129210409,"pkt":"CAAn5uVZUlQAEjUCCABFwACJBngAAH8BcgpUxWFeCgACDwMDv5kAAAAARQAAbbRuAAB\/EcTfCgACD1TFYV5wCQVQAFlEcRLCMQJWpAZdnm4V8nnpjnhEAAA6AAAABUdUS0cAACidCo0G3v\/IJjwziXwskXn9hKthBF0v4jVwCQEBAACHpNmcaMjLrgz72SMJ7seAsLgKkg=="} -00825{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2200,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":349,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129210409,"flow_src_last_pkt_time":129210409,"flow_dst_last_pkt_time":129210409,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":117,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":117,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129210409,"l3_proto":"ip4","src_ip":"84.197.97.94","dst_ip":"10.0.2.15","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":5.868061}} +00868{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2200,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":349,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129210409,"flow_src_last_pkt_time":129210409,"flow_dst_last_pkt_time":129210409,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":117,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":117,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129210409,"l3_proto":"ip4","src_ip":"84.197.97.94","dst_ip":"10.0.2.15","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":5.868061}} 01460{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2201,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":346,"flow_packet_id":2,"flow_src_last_pkt_time":129174282,"flow_dst_last_pkt_time":129344463,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":129344463,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBnkAAEARwydM4lVpCgACDxjKcAkC3ybmeBkxArN0R\/zFhR7fMHiNqUQAAMACAAAGR1RLRwAAnpfHNvHWgDxrrvMwVMRjMd2z66QETOJVaRjKAQAAAAS4IqVOFEdUS0cAAIQFsf+Bv2njsZMOcK5XBzk5Qq3rBN3GzcRRKkdUS0cAAIPPdMtTw3ywAQrcKHskULaFt8T9BFd7NurTckdUS0cAAIBDDfCNVDqFgBWTNBe\/R1a2V7AXBLm7Sq3Q8UdUS0cAAI1c\/QX9I39S2eczHf8bGxQqBh3SBCaOd+rCRFdTSFIAAIsML3baZ9qjEzov01XuwUWPp8CvBBiB6TxOFldTSFIAAIgInuBYn2DWNYTpgSOhE3nGOSSqBGLQGpoTgldTSFIAAJMpLUy99S6l5+o3G\/7HZbY0zUPGBFnUW5sUS1NOT1cAAJJLJdecP9uDvZhuUeP7MwcedtuWBM8mo+QaeldTSFIAAJ7Bez1ZQQgPxovuLAykgS8CMrDdBLAKqQox\/0dUS0cAAJp\/6ofTpH0Z7c9sfONgy\/6jjg5ZBFTFYV4FUFdTSFIAAJgFqYyWS9v2Yq4KyYrmzTVJWc5SBGP6\/WMuK0dUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO0dUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAALSr6ArQaneMzMJ81PWuqjO12gqLBLV2NdR1LkdUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSEdUS0cAALFbZ+HgSIrho0RaGRNTd1qTgMZFBC0fmHBo40dUS0cAAL1cZVAaZZhJTOPlkpw6jfT8aYRtBD\/kr6kHkEdUS0cAALyzuhm5M4uYhLkABGRqZbdy38iOBGIjVe59rQ=="} 00731{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2202,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":350,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129345202,"flow_src_last_pkt_time":129345202,"flow_dst_last_pkt_time":129345202,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129345202,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.250.253.99","src_port":28681,"dst_port":11819,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00588{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2202,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":350,"flow_packet_id":1,"flow_src_last_pkt_time":129345202,"flow_dst_last_pkt_time":129345202,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":129345202,"pkt":"UlQAEjUCCAAn5uVZCABFAABtA3wAAIARyZcKAAIPY\/r9Y3AJLisAWcb1VskxAtkesLI2UdbrHnvJmEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -00971{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2202,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":350,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129345202,"flow_src_last_pkt_time":129345202,"flow_dst_last_pkt_time":129345202,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129345202,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.250.253.99","src_port":28681,"dst_port":11819,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01014{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2202,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":350,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129345202,"flow_src_last_pkt_time":129345202,"flow_dst_last_pkt_time":129345202,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129345202,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.250.253.99","src_port":28681,"dst_port":11819,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2203,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":326,"flow_packet_id":2,"flow_src_last_pkt_time":129345276,"flow_dst_last_pkt_time":96049781,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":129345276,"pkt":"UlQAEjUCCAAn5uVZCABFAABtFDMAAIARzrIKAAIPZAHninAJ3O4AWa5oGAExAiz8sZobXXh7jKY+cEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} 00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2204,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":327,"flow_packet_id":2,"flow_src_last_pkt_time":129345403,"flow_dst_last_pkt_time":96049954,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":129345403,"pkt":"UlQAEjUCCAAn5uVZCABFAABtTdUAAIARVp8KAAIPVBw14XAJrzsAWRB8uXsxAsNFs8rL71MevwvUD0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -00852{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2235,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":10750507,"flow_src_last_pkt_time":10750507,"flow_dst_last_pkt_time":10750507,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":130927497,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00836{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2235,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":9752391,"flow_src_last_pkt_time":9752391,"flow_dst_last_pkt_time":9752391,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":130927497,"l3_proto":"ip6","src_ip":"::","dst_ip":"ff02::1:ffa4:e108","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00895{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2235,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":10750507,"flow_src_last_pkt_time":10750507,"flow_dst_last_pkt_time":10750507,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":130927497,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00879{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2235,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":9752391,"flow_src_last_pkt_time":9752391,"flow_dst_last_pkt_time":9752391,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":130927497,"l3_proto":"ip6","src_ip":"::","dst_ip":"ff02::1:ffa4:e108","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00729{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2235,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":170,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060300,"flow_src_last_pkt_time":82060300,"flow_dst_last_pkt_time":82060300,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":130927497,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2235,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059658,"flow_src_last_pkt_time":82059658,"flow_dst_last_pkt_time":82059658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":130927497,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.59.253.186","src_port":28681,"dst_port":15555,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2235,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":183,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062320,"flow_src_last_pkt_time":82062320,"flow_dst_last_pkt_time":82062320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":130927497,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.15.182","src_port":28681,"dst_port":37829,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -1428,7 +1432,7 @@ 00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2265,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":114,"flow_packet_id":2,"flow_src_last_pkt_time":131673544,"flow_dst_last_pkt_time":71540581,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":131673544,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Wk0AAIARMwEKAAIPVhdLRXAJGMoAIGjuR05EED8SAQFUC1FLUlAGUk5BXS\/iNQlw"} 00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2266,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":157,"flow_packet_id":2,"flow_src_last_pkt_time":131673716,"flow_dst_last_pkt_time":82058208,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":131673716,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0rD4AAIARiPIKAAIPVuOilnAJGMoAIBDQR05EED8TAQFUC1FLUlAGUk5BXS\/iNQlw"} 00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2267,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":111,"flow_packet_id":2,"flow_src_last_pkt_time":131673854,"flow_dst_last_pkt_time":71540138,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":131673854,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0JF4AAIARIm4KAAIPWkGNnXAJGMoAICJqR05EED8UAQFUC1FLUlAGUk5BXS\/iNQlw"} -02277{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":2277,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":18,"flow_first_seen":71205274,"flow_src_last_pkt_time":117002547,"flow_dst_last_pkt_time":132821508,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":705,"flow_dst_tot_l4_payload_len":2420,"midstream":0,"thread_ts_usec":132821508,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.214.154.216","src_port":50248,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"min":1091,"avg":3464951.8,"max":22684647,"stddev":6255594.5,"var":39132462055424.0,"ent":3.3,"data": [399865,400165,2576,3065,879170,880284,1091,343284,15848,359592,3003,2180,5087,145122,145627,10048654,10048652,469496,2676,472723,3557750,3604090,6175326,6222212,413766,464528,22633783,22684647,605343,604983,15818919]},"pktlen": {"min":40,"avg":138.2,"max":1064,"stddev":217.4,"var":47264.8,"ent":4.0,"data": [52,44,40,344,40,323,143,40,118,762,40,53,58,40,149,40,104,40,1064,45,40,122,40,70,40,213,40,52,40,123,40,62]},"bins": {"c_to_s": [9,0,2,2,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [12,0,2,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,1,1,1,0,1,1,0,0,1,0,1,1,1,0,1,0,0,1,1,0,0,1,0,1,1],"entropies": [4.638531685,4.760457039,4.611769199,5.768550396,4.503056526,5.575543404,5.615631580,4.553056717,5.640929699,7.709812641,4.680641174,4.708038807,4.874885082,4.592897415,6.317804813,4.453056812,5.923436165,4.453056812,7.776337624,4.335103989,4.830641270,6.163827896,4.780641556,5.454720020,4.621928692,6.573338509,4.730640888,4.776329994,4.621928692,6.159438610,4.571928978,4.925578117]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +02320{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":2277,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":18,"flow_first_seen":71205274,"flow_src_last_pkt_time":117002547,"flow_dst_last_pkt_time":132821508,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":705,"flow_dst_tot_l4_payload_len":2420,"midstream":0,"thread_ts_usec":132821508,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.214.154.216","src_port":50248,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"min":1091,"avg":3464951.8,"max":22684647,"stddev":6255594.5,"var":39132462055424.0,"ent":3.3,"data": [399865,400165,2576,3065,879170,880284,1091,343284,15848,359592,3003,2180,5087,145122,145627,10048654,10048652,469496,2676,472723,3557750,3604090,6175326,6222212,413766,464528,22633783,22684647,605343,604983,15818919]},"pktlen": {"min":40,"avg":138.2,"max":1064,"stddev":217.4,"var":47264.8,"ent":4.0,"data": [52,44,40,344,40,323,143,40,118,762,40,53,58,40,149,40,104,40,1064,45,40,122,40,70,40,213,40,52,40,123,40,62]},"bins": {"c_to_s": [9,0,2,2,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [12,0,2,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,1,1,1,0,1,1,0,0,1,0,1,1,1,0,1,0,0,1,1,0,0,1,0,1,1],"entropies": [4.638531685,4.760457039,4.611769199,5.768550396,4.503056526,5.575543404,5.615631580,4.553056717,5.640929699,7.709812641,4.680641174,4.708038807,4.874885082,4.592897415,6.317804813,4.453056812,5.923436165,4.453056812,7.776337624,4.335103989,4.830641270,6.163827896,4.780641556,5.454720020,4.621928692,6.573338509,4.730640888,4.776329994,4.621928692,6.159438610,4.571928978,4.925578117]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2280,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":353,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":132831233,"flow_src_last_pkt_time":132831233,"flow_dst_last_pkt_time":132831233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":132831233,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.181.151.217","src_port":28681,"dst_port":25282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2280,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":353,"flow_packet_id":1,"flow_src_last_pkt_time":132831233,"flow_dst_last_pkt_time":132831233,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":132831233,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0BqoAAIARzHEKAAIPw7WX2XAJYsIAIGTAR05EED8VAQFUC1FLUlAGUk5BXS\/iNQlw"} 00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2281,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_packet_id":2,"flow_src_last_pkt_time":132831544,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":132831544,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0jJMAAIARUAgKAAIPp3KqnHAJXSQAIHPdR05EED8WAQFUC1FLUlAGUk5BXS\/iNQlw"} @@ -1455,86 +1459,86 @@ 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2310,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_packet_id":2,"flow_src_last_pkt_time":134428529,"flow_dst_last_pkt_time":101837355,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":134428529,"pkt":"UlQAEjUCCAAn5uVZCABFAABtAsMAAIAR5egKAAIP1eVv4HAJEwwAWfhP39IxAiTPawjpKg8FqMjKpUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} 00732{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2360,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506098,"flow_src_last_pkt_time":139506098,"flow_dst_last_pkt_time":139506098,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139506098,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.118.53.212","src_port":28681,"dst_port":29998,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2360,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_packet_id":1,"flow_src_last_pkt_time":139506098,"flow_dst_last_pkt_time":139506098,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":139506098,"pkt":"UlQAEjUCCAAn5uVZCABFAABtAv8AAIARQCgKAAIPtXY11HAJdS4AWScUhfMxArbJ5SyHh4zpjzvfRkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -00972{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2360,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506098,"flow_src_last_pkt_time":139506098,"flow_dst_last_pkt_time":139506098,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139506098,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.118.53.212","src_port":28681,"dst_port":29998,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01015{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2360,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506098,"flow_src_last_pkt_time":139506098,"flow_dst_last_pkt_time":139506098,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139506098,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.118.53.212","src_port":28681,"dst_port":29998,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00731{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2361,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":356,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506262,"flow_src_last_pkt_time":139506262,"flow_dst_last_pkt_time":139506262,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139506262,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"63.228.175.169","src_port":28681,"dst_port":1936,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2361,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":356,"flow_packet_id":1,"flow_src_last_pkt_time":139506262,"flow_dst_last_pkt_time":139506262,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":139506262,"pkt":"UlQAEjUCCAAn5uVZCABFAABtYr4AAIAR3CUKAAIPP+SvqXAJB5AAWZrqJBYxAlmizjMkdrKTCQRuaEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -00971{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2361,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":356,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506262,"flow_src_last_pkt_time":139506262,"flow_dst_last_pkt_time":139506262,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139506262,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"63.228.175.169","src_port":28681,"dst_port":1936,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01014{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2361,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":356,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506262,"flow_src_last_pkt_time":139506262,"flow_dst_last_pkt_time":139506262,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139506262,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"63.228.175.169","src_port":28681,"dst_port":1936,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00730{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2362,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":357,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506403,"flow_src_last_pkt_time":139506403,"flow_dst_last_pkt_time":139506403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139506403,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.35.85.238","src_port":28681,"dst_port":32173,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00588{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2362,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":357,"flow_packet_id":1,"flow_src_last_pkt_time":139506403,"flow_dst_last_pkt_time":139506403,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":139506403,"pkt":"UlQAEjUCCAAn5uVZCABFAABtewQAAIAR+1sKAAIPYiNV7nAJfa0AWf9BqZoxAuJR0ARRd\/sw16p3JUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -00970{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2362,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":357,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506403,"flow_src_last_pkt_time":139506403,"flow_dst_last_pkt_time":139506403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139506403,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.35.85.238","src_port":28681,"dst_port":32173,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01013{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2362,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":357,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506403,"flow_src_last_pkt_time":139506403,"flow_dst_last_pkt_time":139506403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139506403,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.35.85.238","src_port":28681,"dst_port":32173,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01460{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2372,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_packet_id":2,"flow_src_last_pkt_time":139506098,"flow_dst_last_pkt_time":139668978,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":139668978,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBs0AAEARedS1djXUCgACD3UucAkC3zh9hfMxArbJ5SyHh4zpjzvfRkQAAMACAAAGR1RLRwAAtKvoCtBqd4zMwnzU9a6qM7XaCosEtXY11HUuAQAAAARfhHP4FEdUS0cAAIQFsf+Bv2njsZMOcK5XBzk5Qq3rBN3GzcRRKkdUS0cAAIBDDfCNVDqFgBWTNBe\/R1a2V7AXBLm7Sq3Q8UdUS0cAAI1c\/QX9I39S2eczHf8bGxQqBh3SBCaOd+rCRFdTSFIAAIsML3baZ9qjEzov01XuwUWPp8CvBBiB6TxOFldTSFIAAIgInuBYn2DWNYTpgSOhE3nGOSSqBGLQGpoTgldTSFIAAJMpLUy99S6l5+o3G\/7HZbY0zUPGBFnUW5sUS1NOT1cAAJJLJdecP9uDvZhuUeP7MwcedtuWBM8mo+QaekdUS0cAAJ6Xxzbx1oA8a67zMFTEYzHds+ukBEziVWkYyldTSFIAAJ7Bez1ZQQgPxovuLAykgS8CMrDdBLAKqQox\/0dUS0cAAJp\/6ofTpH0Z7c9sfONgy\/6jjg5ZBFTFYV4FUFdTSFIAAJgFqYyWS9v2Yq4KyYrmzTVJWc5SBGP6\/WMuK0dUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO0dUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSEdUS0cAALFbZ+HgSIrho0RaGRNTd1qTgMZFBC0fmHBo40dUS0cAAL1cZVAaZZhJTOPlkpw6jfT8aYRtBD\/kr6kHkEdUS0cAALyzuhm5M4uYhLkABGRqZbdy38iOBGIjVe59rUdUS0cAALrtVGIh6HCMeHje7ytMi7+QCmj9BC\/grq4Yyg=="} 00731{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2373,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":358,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139669712,"flow_src_last_pkt_time":139669712,"flow_dst_last_pkt_time":139669712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139669712,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.224.174.174","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2373,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":358,"flow_packet_id":1,"flow_src_last_pkt_time":139669712,"flow_dst_last_pkt_time":139669712,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":139669712,"pkt":"UlQAEjUCCAAn5uVZCABFAABtmlYAAIARtYwKAAIPL+CurnAJGMoAWfYTyxgxAvXWHJDN+FF7HrIjWEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -00971{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2373,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":358,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139669712,"flow_src_last_pkt_time":139669712,"flow_dst_last_pkt_time":139669712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139669712,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.224.174.174","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01014{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2373,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":358,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139669712,"flow_src_last_pkt_time":139669712,"flow_dst_last_pkt_time":139669712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139669712,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.224.174.174","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2374,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_packet_id":3,"flow_src_last_pkt_time":139669839,"flow_dst_last_pkt_time":96048683,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":139669839,"pkt":"UlQAEjUCCAAn5uVZCABFAABtTeQAAIAR4qUKAAIPSfqz7XAJUXAAWTtzDAwxAhYFwQyFnvxYxDh4UUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2375,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_packet_id":3,"flow_src_last_pkt_time":139669995,"flow_dst_last_pkt_time":95918456,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":139669995,"pkt":"UlQAEjUCCAAn5uVZCABFAABtxQMAAIAR4QkKAAIPvKXLvnAJVesAWccLy3UxAr1ooy\/Zmhwx1EOQ8UQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} 00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2379,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":315,"flow_packet_id":3,"flow_src_last_pkt_time":139695067,"flow_dst_last_pkt_time":95818452,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":139695067,"pkt":"UlQAEjUCCAAn5uVZCABFAABtX58AAIARHekKAAIPXNlUEHAJTv8AWRxrcuoxAvEddJz1CNyRxwOe00QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} 01461{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2380,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":356,"flow_packet_id":2,"flow_src_last_pkt_time":139506262,"flow_dst_last_pkt_time":139713966,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":139713966,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBs8AAEARdY8\/5K+pCgACDweQcAkC3wv2JBYxAlmizjMkdrKTCQRuaEQAAMACAAAGR1RLRwAAvVxlUBplmElM4+WSnDqN9PxphG0EP+SvqQeQAQAAAAQC89xEFEdUS0cAAISEnKMAahWoBBfUee10B\/B49\/r0BBh0QITIG0dUS0cAAIQFsf+Bv2njsZMOcK5XBzk5Qq3rBN3GzcRRKkdUS0cAAIPPdMtTw3ywAQrcKHskULaFt8T9BFd7NurTckdUS0cAAIBDDfCNVDqFgBWTNBe\/R1a2V7AXBLm7Sq3Q8UdUS0cAAI1c\/QX9I39S2eczHf8bGxQqBh3SBCaOd+rCRFdTSFIAAIsML3baZ9qjEzov01XuwUWPp8CvBBiB6TxOFldTSFIAAIgInuBYn2DWNYTpgSOhE3nGOSSqBGLQGpoTgldTSFIAAJMpLUy99S6l5+o3G\/7HZbY0zUPGBFnUW5sUS1NOT1cAAJJLJdecP9uDvZhuUeP7MwcedtuWBM8mo+QaekdUS0cAAJ6Xxzbx1oA8a67zMFTEYzHds+ukBEziVWkYyldTSFIAAJ7Bez1ZQQgPxovuLAykgS8CMrDdBLAKqQox\/0dUS0cAAJp\/6ofTpH0Z7c9sfONgy\/6jjg5ZBFTFYV4FUFdTSFIAAJgFqYyWS9v2Yq4KyYrmzTVJWc5SBGP6\/WMuK0dUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO0dUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAALSr6ArQaneMzMJ81PWuqjO12gqLBLV2NdR1LkdUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSEdUS0cAALFbZ+HgSIrho0RaGRNTd1qTgMZFBC0fmHBo4w=="} 00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2382,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_packet_id":3,"flow_src_last_pkt_time":139724918,"flow_dst_last_pkt_time":95773465,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":139724918,"pkt":"UlQAEjUCCAAn5uVZCABFAABtGLkAAIARtUAKAAIPsGOwFHAJGMoAWZkZdrExAg1GSrdXL+O9TXzC9kQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2383,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_packet_id":3,"flow_src_last_pkt_time":139724985,"flow_dst_last_pkt_time":95956975,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":139724985,"pkt":"UlQAEjUCCAAn5uVZCABFAABtceoAAIARV2EKAAIPrbe3bnAJ6hAAWRX5yaAxAh\/9BvdPXg4EHkta+EQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -00853{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":0,"flow_first_seen":9752486,"flow_src_last_pkt_time":14765993,"flow_dst_last_pkt_time":9752486,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":412,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::16","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00849{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":9752466,"flow_src_last_pkt_time":17749890,"flow_dst_last_pkt_time":9752466,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":16,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":40,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::2","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00837{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":71216656,"flow_src_last_pkt_time":95489541,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":89829259,"flow_src_last_pkt_time":106277299,"flow_dst_last_pkt_time":107031125,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.84.178.16","src_port":28681,"dst_port":60262,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":95216801,"flow_src_last_pkt_time":111857677,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.201.208.57","src_port":28681,"dst_port":38617,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95264476,"flow_src_last_pkt_time":111857759,"flow_dst_last_pkt_time":112010744,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.220.186.140","src_port":28681,"dst_port":27641,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":90005361,"flow_src_last_pkt_time":111378187,"flow_dst_last_pkt_time":111410036,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":90072633,"flow_src_last_pkt_time":111444536,"flow_dst_last_pkt_time":90072633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.26.216.95","src_port":28681,"dst_port":13889,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":315,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95754583,"flow_src_last_pkt_time":139695067,"flow_dst_last_pkt_time":139756356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.217.84.16","src_port":28681,"dst_port":20223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00877{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":40005419,"flow_src_last_pkt_time":43055141,"flow_dst_last_pkt_time":40005419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":55708,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00896{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":0,"flow_first_seen":9752486,"flow_src_last_pkt_time":14765993,"flow_dst_last_pkt_time":9752486,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":412,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::16","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00892{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":9752466,"flow_src_last_pkt_time":17749890,"flow_dst_last_pkt_time":9752466,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":8,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":16,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":40,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::2","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00880{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":71216656,"flow_src_last_pkt_time":95489541,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":89829259,"flow_src_last_pkt_time":106277299,"flow_dst_last_pkt_time":107031125,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.84.178.16","src_port":28681,"dst_port":60262,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":95216801,"flow_src_last_pkt_time":111857677,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.201.208.57","src_port":28681,"dst_port":38617,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95264476,"flow_src_last_pkt_time":111857759,"flow_dst_last_pkt_time":112010744,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.220.186.140","src_port":28681,"dst_port":27641,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":90005361,"flow_src_last_pkt_time":111378187,"flow_dst_last_pkt_time":111410036,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":90072633,"flow_src_last_pkt_time":111444536,"flow_dst_last_pkt_time":90072633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.26.216.95","src_port":28681,"dst_port":13889,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":315,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95754583,"flow_src_last_pkt_time":139695067,"flow_dst_last_pkt_time":139756356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.217.84.16","src_port":28681,"dst_port":20223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00920{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":40005419,"flow_src_last_pkt_time":43055141,"flow_dst_last_pkt_time":40005419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":55708,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":305,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":93713981,"flow_src_last_pkt_time":93713981,"flow_dst_last_pkt_time":93713981,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.168.175.31","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95443212,"flow_src_last_pkt_time":116628818,"flow_dst_last_pkt_time":116858689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.240.69.199","src_port":28681,"dst_port":6348,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95443212,"flow_src_last_pkt_time":116628818,"flow_dst_last_pkt_time":116858689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.240.69.199","src_port":28681,"dst_port":6348,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":306,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":93714209,"flow_src_last_pkt_time":93714209,"flow_dst_last_pkt_time":93714209,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.249.63.200","src_port":28681,"dst_port":22582,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":90184128,"flow_src_last_pkt_time":111540517,"flow_dst_last_pkt_time":111857033,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":90184128,"flow_src_last_pkt_time":111540517,"flow_dst_last_pkt_time":111857033,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00740{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":304,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":90880863,"flow_src_last_pkt_time":111857897,"flow_dst_last_pkt_time":111887726,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":271,"flow_dst_tot_l4_payload_len":2269,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.32.126.214","src_port":28681,"dst_port":59596,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95784533,"flow_src_last_pkt_time":139724985,"flow_dst_last_pkt_time":139896214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.183.183.110","src_port":28681,"dst_port":59920,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95784533,"flow_src_last_pkt_time":139724985,"flow_dst_last_pkt_time":139896214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.183.183.110","src_port":28681,"dst_port":59920,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":88941886,"flow_src_last_pkt_time":111540214,"flow_dst_last_pkt_time":88941886,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":344,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":28681,"dst_port":52367,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":90073006,"flow_src_last_pkt_time":111444826,"flow_dst_last_pkt_time":111486609,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95715707,"flow_src_last_pkt_time":139694924,"flow_dst_last_pkt_time":139730332,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.188.98","src_port":28681,"dst_port":62851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00873{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232312,"flow_src_last_pkt_time":40630489,"flow_dst_last_pkt_time":40232312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":95264285,"flow_src_last_pkt_time":116893580,"flow_dst_last_pkt_time":95264285,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":40137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":89967108,"flow_src_last_pkt_time":106314985,"flow_dst_last_pkt_time":89967108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.203.218.92","src_port":28681,"dst_port":56962,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":90072798,"flow_src_last_pkt_time":139782376,"flow_dst_last_pkt_time":140093312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":324,"flow_dst_tot_l4_payload_len":2908,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":90073006,"flow_src_last_pkt_time":111444826,"flow_dst_last_pkt_time":111486609,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95715707,"flow_src_last_pkt_time":139694924,"flow_dst_last_pkt_time":139730332,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.188.98","src_port":28681,"dst_port":62851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00916{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232312,"flow_src_last_pkt_time":40630489,"flow_dst_last_pkt_time":40232312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":95264285,"flow_src_last_pkt_time":116893580,"flow_dst_last_pkt_time":95264285,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":40137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":89967108,"flow_src_last_pkt_time":106314985,"flow_dst_last_pkt_time":89967108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.203.218.92","src_port":28681,"dst_port":56962,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":90072798,"flow_src_last_pkt_time":139782376,"flow_dst_last_pkt_time":140093312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":324,"flow_dst_tot_l4_payload_len":2908,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00741{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":300,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":90809634,"flow_src_last_pkt_time":139694982,"flow_dst_last_pkt_time":139723897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":222,"flow_dst_tot_l4_payload_len":1595,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":89966706,"flow_src_last_pkt_time":106277378,"flow_dst_last_pkt_time":106313928,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00873{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232582,"flow_src_last_pkt_time":40630451,"flow_dst_last_pkt_time":40232582,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":90039633,"flow_src_last_pkt_time":111410817,"flow_dst_last_pkt_time":90039633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":50297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00887{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232223,"flow_src_last_pkt_time":40630373,"flow_dst_last_pkt_time":40232223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":89966123,"flow_src_last_pkt_time":106314874,"flow_dst_last_pkt_time":89966123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.218","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":111410933,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00887{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":24,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232517,"flow_src_last_pkt_time":40630237,"flow_dst_last_pkt_time":40232517,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":89966706,"flow_src_last_pkt_time":106277378,"flow_dst_last_pkt_time":106313928,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00916{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232582,"flow_src_last_pkt_time":40630451,"flow_dst_last_pkt_time":40232582,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":90039633,"flow_src_last_pkt_time":111410817,"flow_dst_last_pkt_time":90039633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":50297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00930{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232223,"flow_src_last_pkt_time":40630373,"flow_dst_last_pkt_time":40232223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":89966123,"flow_src_last_pkt_time":106314874,"flow_dst_last_pkt_time":89966123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.218","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":111410933,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00930{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":24,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232517,"flow_src_last_pkt_time":40630237,"flow_dst_last_pkt_time":40232517,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":303,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":90871417,"flow_src_last_pkt_time":90871417,"flow_dst_last_pkt_time":90892088,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":107,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":107,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":28681,"dst_port":30566,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":89829104,"flow_src_last_pkt_time":106277218,"flow_dst_last_pkt_time":106411851,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":89829104,"flow_src_last_pkt_time":106277218,"flow_dst_last_pkt_time":106411851,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":301,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":90845230,"flow_src_last_pkt_time":96404307,"flow_dst_last_pkt_time":96577312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":88,"flow_src_tot_l4_payload_len":60,"flow_dst_tot_l4_payload_len":128,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":28681,"dst_port":11852,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01009{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":314,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95754317,"flow_src_last_pkt_time":95754317,"flow_dst_last_pkt_time":95754317,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.237.202.91","src_port":28681,"dst_port":16117,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95784399,"flow_src_last_pkt_time":139782226,"flow_dst_last_pkt_time":139889728,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":90138188,"flow_src_last_pkt_time":111487224,"flow_dst_last_pkt_time":111816041,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01052{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":314,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95754317,"flow_src_last_pkt_time":95754317,"flow_dst_last_pkt_time":95754317,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.237.202.91","src_port":28681,"dst_port":16117,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95784399,"flow_src_last_pkt_time":139782226,"flow_dst_last_pkt_time":139889728,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":90138188,"flow_src_last_pkt_time":111487224,"flow_dst_last_pkt_time":111816041,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00740{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":243,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":6,"flow_first_seen":89016303,"flow_src_last_pkt_time":116680300,"flow_dst_last_pkt_time":116776097,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":425,"flow_dst_tot_l4_payload_len":2393,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95716693,"flow_src_last_pkt_time":139724918,"flow_dst_last_pkt_time":139781413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95716693,"flow_src_last_pkt_time":139724918,"flow_dst_last_pkt_time":139781413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00739{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":302,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":90864578,"flow_src_last_pkt_time":124065911,"flow_dst_last_pkt_time":124089575,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":834,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":28681,"dst_port":53489,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":90039406,"flow_src_last_pkt_time":139782457,"flow_dst_last_pkt_time":139812033,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":324,"flow_dst_tot_l4_payload_len":2908,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":106314791,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":90138798,"flow_src_last_pkt_time":111487520,"flow_dst_last_pkt_time":90138798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.217.176.52","src_port":28681,"dst_port":7446,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90005045,"flow_src_last_pkt_time":111378061,"flow_dst_last_pkt_time":111503854,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":90004820,"flow_src_last_pkt_time":111377862,"flow_dst_last_pkt_time":90004820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.140.120.41","src_port":28681,"dst_port":47739,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":95784128,"flow_src_last_pkt_time":139725014,"flow_dst_last_pkt_time":123854529,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":90138420,"flow_src_last_pkt_time":111487370,"flow_dst_last_pkt_time":111539355,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":90183929,"flow_src_last_pkt_time":111540389,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":11603,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01009{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95716226,"flow_src_last_pkt_time":95716226,"flow_dst_last_pkt_time":95716226,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122468,"flow_src_last_pkt_time":134428222,"flow_dst_last_pkt_time":101122468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.117.249.98","src_port":28681,"dst_port":6815,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01014{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122346,"flow_src_last_pkt_time":134428360,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.105.27","src_port":28681,"dst_port":19260,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":101162745,"flow_src_last_pkt_time":123877196,"flow_dst_last_pkt_time":124058950,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":320,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893440,"flow_src_last_pkt_time":95893440,"flow_dst_last_pkt_time":95893440,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.236.200.137","src_port":28681,"dst_port":48142,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01014{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101837355,"flow_src_last_pkt_time":134428529,"flow_dst_last_pkt_time":101837355,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01009{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":325,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049643,"flow_src_last_pkt_time":96049643,"flow_dst_last_pkt_time":96049643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.160.143.48","src_port":28681,"dst_port":37036,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":323,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923574,"flow_src_last_pkt_time":95923574,"flow_dst_last_pkt_time":95923574,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":56070,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01008{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":322,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923521,"flow_src_last_pkt_time":95923521,"flow_dst_last_pkt_time":95923521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.219","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":96049954,"flow_src_last_pkt_time":129345403,"flow_dst_last_pkt_time":96049954,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.28.53.225","src_port":28681,"dst_port":44859,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95893685,"flow_src_last_pkt_time":139669995,"flow_dst_last_pkt_time":139694412,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95923657,"flow_src_last_pkt_time":139669839,"flow_dst_last_pkt_time":139892044,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.250.179.237","src_port":28681,"dst_port":20848,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95893239,"flow_src_last_pkt_time":123877237,"flow_dst_last_pkt_time":123936810,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":101122636,"flow_src_last_pkt_time":123877109,"flow_dst_last_pkt_time":123911503,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.64.44.11","src_port":28681,"dst_port":1352,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":96049781,"flow_src_last_pkt_time":129345276,"flow_dst_last_pkt_time":96049781,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"100.1.231.138","src_port":28681,"dst_port":56558,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":90039406,"flow_src_last_pkt_time":139782457,"flow_dst_last_pkt_time":139812033,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":324,"flow_dst_tot_l4_payload_len":2908,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":106314791,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":90138798,"flow_src_last_pkt_time":111487520,"flow_dst_last_pkt_time":90138798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.217.176.52","src_port":28681,"dst_port":7446,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90005045,"flow_src_last_pkt_time":111378061,"flow_dst_last_pkt_time":111503854,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":90004820,"flow_src_last_pkt_time":111377862,"flow_dst_last_pkt_time":90004820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.140.120.41","src_port":28681,"dst_port":47739,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":95784128,"flow_src_last_pkt_time":139725014,"flow_dst_last_pkt_time":123854529,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":90138420,"flow_src_last_pkt_time":111487370,"flow_dst_last_pkt_time":111539355,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":90183929,"flow_src_last_pkt_time":111540389,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":11603,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01052{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2407,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95716226,"flow_src_last_pkt_time":95716226,"flow_dst_last_pkt_time":95716226,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":140848774,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122468,"flow_src_last_pkt_time":134428222,"flow_dst_last_pkt_time":101122468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.117.249.98","src_port":28681,"dst_port":6815,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01057{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122346,"flow_src_last_pkt_time":134428360,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.105.27","src_port":28681,"dst_port":19260,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":101162745,"flow_src_last_pkt_time":123877196,"flow_dst_last_pkt_time":124058950,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":320,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893440,"flow_src_last_pkt_time":95893440,"flow_dst_last_pkt_time":95893440,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.236.200.137","src_port":28681,"dst_port":48142,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01057{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101837355,"flow_src_last_pkt_time":134428529,"flow_dst_last_pkt_time":101837355,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01052{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":325,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049643,"flow_src_last_pkt_time":96049643,"flow_dst_last_pkt_time":96049643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.160.143.48","src_port":28681,"dst_port":37036,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":323,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923574,"flow_src_last_pkt_time":95923574,"flow_dst_last_pkt_time":95923574,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":56070,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01051{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":322,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923521,"flow_src_last_pkt_time":95923521,"flow_dst_last_pkt_time":95923521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.219","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":96049954,"flow_src_last_pkt_time":129345403,"flow_dst_last_pkt_time":96049954,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.28.53.225","src_port":28681,"dst_port":44859,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95893685,"flow_src_last_pkt_time":139669995,"flow_dst_last_pkt_time":139694412,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95923657,"flow_src_last_pkt_time":139669839,"flow_dst_last_pkt_time":139892044,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.250.179.237","src_port":28681,"dst_port":20848,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95893239,"flow_src_last_pkt_time":123877237,"flow_dst_last_pkt_time":123936810,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":101122636,"flow_src_last_pkt_time":123877109,"flow_dst_last_pkt_time":123911503,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.64.44.11","src_port":28681,"dst_port":1352,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2510,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":96049781,"flow_src_last_pkt_time":129345276,"flow_dst_last_pkt_time":96049781,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":151257711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"100.1.231.138","src_port":28681,"dst_port":56558,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2525,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":251,"flow_packet_id":3,"flow_src_last_pkt_time":152618863,"flow_dst_last_pkt_time":89967108,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":152618863,"pkt":"UlQAEjUCCAAn5uVZCABFAABtv\/0AAIAR2ksKAAIPucvaXHAJ3oIAWWGJo3cxAvUqie+XZ8I4MOlY7kQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAADgZnrrTUxbZJrkUeNZFbiSwaUPd"} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2526,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_packet_id":3,"flow_src_last_pkt_time":152619076,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":152619076,"pkt":"UlQAEjUCCAAn5uVZCABFAABtDeIAAIARALwKAAIPQh7dtXAJLuwAWUb9hToxArVYIH1ZKsd\/uJMQM0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAADgZnrrTUxbZJrkUeNZFbiSwaUPd"} 00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2527,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":249,"flow_packet_id":3,"flow_src_last_pkt_time":152619228,"flow_dst_last_pkt_time":89966123,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":152619228,"pkt":"UlQAEjUCCAAn5uVZCABFAABthP4AAIARBkEKAAIPLVh12nAJGv0AWYQlGHcxArF+TA2rx0u82pqvx0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAADgZnrrTUxbZJrkUeNZFbiSwaUPd"} @@ -1542,11 +1546,11 @@ 00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2585,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_packet_id":3,"flow_src_last_pkt_time":157736048,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":157736048,"pkt":"UlQAEjUCCAAn5uVZCABFAABtGY8AAIAR6JQKAAIPXwrNQ3AJLVMAWaXpjUExAjTUCUmhKozUcF9w9kQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAADgZnrrTUxbZJrkUeNZFbiSwaUPd"} 00735{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2611,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":359,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":160009075,"flow_src_last_pkt_time":160009075,"flow_dst_last_pkt_time":160009075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":174,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":160009075,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":51685,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00715{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2611,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":359,"flow_packet_id":1,"flow_src_last_pkt_time":160009075,"flow_dst_last_pkt_time":160009075,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":216,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":216,"pkt_l4_len":182,"thread_ts_usec":160009075,"pkt":"AQBef\/\/6CAAn5uVZCABFAADK4K8AAAER3GoKAAIP7\/\/\/+snlB2wAtiNJTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANCk1BTjogInNzZHA6ZGlzY292ZXIiDQpNWDogMQ0KU1Q6IHVybjpkaWFsLW11bHRpc2NyZWVuLW9yZzpzZXJ2aWNlOmRpYWw6MQ0KVVNFUi1BR0VOVDogTWljcm9zb2Z0IEVkZ2UvOTkuMC4xMTUwLjMwIFdpbmRvd3MNCg0K"} -00874{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2611,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":359,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":160009075,"flow_src_last_pkt_time":160009075,"flow_dst_last_pkt_time":160009075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":174,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":160009075,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":51685,"dst_port":1900,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"239.255.255.250:1900"}} +00917{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2611,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":359,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":160009075,"flow_src_last_pkt_time":160009075,"flow_dst_last_pkt_time":160009075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":174,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":160009075,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":51685,"dst_port":1900,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"239.255.255.250:1900"}} 00715{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2621,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":359,"flow_packet_id":2,"flow_src_last_pkt_time":161017598,"flow_dst_last_pkt_time":160009075,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":216,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":216,"pkt_l4_len":182,"thread_ts_usec":161017598,"pkt":"AQBef\/\/6CAAn5uVZCABFAADK4LAAAAER3GkKAAIP7\/\/\/+snlB2wAtiNJTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANCk1BTjogInNzZHA6ZGlzY292ZXIiDQpNWDogMQ0KU1Q6IHVybjpkaWFsLW11bHRpc2NyZWVuLW9yZzpzZXJ2aWNlOmRpYWw6MQ0KVVNFUi1BR0VOVDogTWljcm9zb2Z0IEVkZ2UvOTkuMC4xMTUwLjMwIFdpbmRvd3MNCg0K"} -00878{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":54,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":65065554,"flow_src_last_pkt_time":65065784,"flow_dst_last_pkt_time":65065554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":146,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":182,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1042,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":161580086,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57623,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00921{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":54,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":65065554,"flow_src_last_pkt_time":65065784,"flow_dst_last_pkt_time":65065554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":146,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":182,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1042,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":161580086,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57623,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00738{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":335,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":115369554,"flow_src_last_pkt_time":121820041,"flow_dst_last_pkt_time":122157131,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":78,"flow_src_tot_l4_payload_len":57,"flow_dst_tot_l4_payload_len":124,"midstream":0,"thread_ts_usec":161580086,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":37058,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00847{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":349,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129210409,"flow_src_last_pkt_time":129210409,"flow_dst_last_pkt_time":129210409,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":117,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":117,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":161580086,"l3_proto":"ip4","src_ip":"84.197.97.94","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00890{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":349,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129210409,"flow_src_last_pkt_time":129210409,"flow_dst_last_pkt_time":129210409,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":117,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":117,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":161580086,"l3_proto":"ip4","src_ip":"84.197.97.94","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00721{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61191313,"flow_src_last_pkt_time":61191313,"flow_dst_last_pkt_time":61191313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":161580086,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57619,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00721{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61470563,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":161580086,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57620,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00721{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61999388,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":161580086,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57621,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -1563,63 +1567,63 @@ 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2725,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_packet_id":3,"flow_src_last_pkt_time":168391152,"flow_dst_last_pkt_time":139668978,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":168391152,"pkt":"UlQAEjUCCAAn5uVZCABFAABtAwAAAIARQCcKAAIPtXY11HAJdS4AWVKoRtYxAgh8ZUKNU31EKcU+K0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAADgZnrrTUxbZJrkUeNZFbiSwaUPd"} 00731{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2727,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":360,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168428692,"flow_src_last_pkt_time":168428692,"flow_dst_last_pkt_time":168428692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168428692,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"198.58.218.12","src_port":28681,"dst_port":47912,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2727,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":360,"flow_packet_id":1,"flow_src_last_pkt_time":168428692,"flow_dst_last_pkt_time":168428692,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":168428692,"pkt":"UlQAEjUCCAAn5uVZCABFAABtVroAAIARN3AKAAIPxjraDHAJuygAWfAoVB4xAiIUq1VNOT5K4PsAnkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAADgZnrrTUxbZJrkUeNZFbiSwaUPd"} -00971{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2727,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":360,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168428692,"flow_src_last_pkt_time":168428692,"flow_dst_last_pkt_time":168428692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168428692,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"198.58.218.12","src_port":28681,"dst_port":47912,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01014{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2727,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":360,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168428692,"flow_src_last_pkt_time":168428692,"flow_dst_last_pkt_time":168428692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168428692,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"198.58.218.12","src_port":28681,"dst_port":47912,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00730{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2732,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168555545,"flow_src_last_pkt_time":168555545,"flow_dst_last_pkt_time":168555545,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168555545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":28681,"dst_port":9915,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2732,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_packet_id":1,"flow_src_last_pkt_time":168555545,"flow_dst_last_pkt_time":168555545,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":168555545,"pkt":"UlQAEjUCCAAn5uVZCABFAABtB2EAAIARDDsKAAIPVoHEVHAJJrsAWdbAQsoxAjcNEhOQ8aGFyag54kQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAADgZnrrTUxbZJrkUeNZFbiSwaUPd"} -00970{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2732,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168555545,"flow_src_last_pkt_time":168555545,"flow_dst_last_pkt_time":168555545,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168555545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":28681,"dst_port":9915,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01013{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2732,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168555545,"flow_src_last_pkt_time":168555545,"flow_dst_last_pkt_time":168555545,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168555545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":28681,"dst_port":9915,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01460{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2733,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_packet_id":2,"flow_src_last_pkt_time":168555545,"flow_dst_last_pkt_time":168593913,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":168593913,"pkt":"CAAn5uVZUlQAEjUCCABFAALzB7wAAEARSVpWgcRUCgACDya7cAkC37LQQsoxAjcNEhOQ8aGFyag54kQAAMACAAAGR1RLRwAAUhNI53eBGeJh0nCkclkfZJnzMvMEVoHEVCa7AQAAAATmnBkoFEdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegkdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzukdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj1dTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqkdUS0cAABK1XVsEZ16ugW6JpsS4xfhpSq81BEjJ0DmW2UdUS0cAABZMZh8YJqCRZ8rsFWpJujOrF1VMBFHNWy2cyVdTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEA=="} 00732{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2734,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":362,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168594778,"flow_src_last_pkt_time":168594778,"flow_dst_last_pkt_time":168594778,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168594778,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.192.210.182","src_port":28681,"dst_port":6754,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00589{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2734,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":362,"flow_packet_id":1,"flow_src_last_pkt_time":168594778,"flow_dst_last_pkt_time":168594778,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":168594778,"pkt":"UlQAEjUCCAAn5uVZCABFAABtbeQAAIARLxYKAAIPvsDStnAJGmIAWe\/nYtExAgjn\/Ke847x2NG4oVEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAADgZnrrTUxbZJrkUeNZFbiSwaUPd"} -00972{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2734,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":362,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168594778,"flow_src_last_pkt_time":168594778,"flow_dst_last_pkt_time":168594778,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168594778,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.192.210.182","src_port":28681,"dst_port":6754,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01015{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2734,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":362,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168594778,"flow_src_last_pkt_time":168594778,"flow_dst_last_pkt_time":168594778,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168594778,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.192.210.182","src_port":28681,"dst_port":6754,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00730{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2742,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":363,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168840831,"flow_src_last_pkt_time":168840831,"flow_dst_last_pkt_time":168840831,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168840831,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":38297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00588{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2742,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":363,"flow_packet_id":1,"flow_src_last_pkt_time":168840831,"flow_dst_last_pkt_time":168840831,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":168840831,"pkt":"UlQAEjUCCAAn5uVZCABFAABteiAAAIARB1cKAAIPUc1bLXAJlZkAWXbGOhUxApJjO\/JuqWKA3F9q70QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAADgZnrrTUxbZJrkUeNZFbiSwaUPd"} -00970{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2742,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":363,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168840831,"flow_src_last_pkt_time":168840831,"flow_dst_last_pkt_time":168840831,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168840831,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":38297,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01013{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2742,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":363,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168840831,"flow_src_last_pkt_time":168840831,"flow_dst_last_pkt_time":168840831,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168840831,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":38297,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01462{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2744,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":362,"flow_packet_id":2,"flow_src_last_pkt_time":168594778,"flow_dst_last_pkt_time":168854304,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":168854304,"pkt":"CAAn5uVZUlQAEjUCCABFAALzB8MAAEAR0rG+wNK2CgACDxpicAkC32qFYtExAgjn\/Ke847x2NG4oVEQAAMACAAAGR1RLRwAAVhpgfx\/FIwIUkbHoonVeeVgxwBsEvsDSthpiAQAAAAQZ71djFEdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegkdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzukdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj1dTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqkdUS0cAABK1XVsEZ16ugW6JpsS4xfhpSq81BEjJ0DmW2UdUS0cAABZMZh8YJqCRZ8rsFWpJujOrF1VMBFHNWy2cyVdTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeQ=="} -00837{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":71216656,"flow_src_last_pkt_time":95489541,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":123912514,"flow_src_last_pkt_time":123912514,"flow_dst_last_pkt_time":124065276,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.198.205.196","src_port":28681,"dst_port":20778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00880{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":71216656,"flow_src_last_pkt_time":95489541,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":123912514,"flow_src_last_pkt_time":123912514,"flow_dst_last_pkt_time":124065276,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.198.205.196","src_port":28681,"dst_port":20778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72852470,"flow_src_last_pkt_time":131670910,"flow_dst_last_pkt_time":72852470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72850420,"flow_src_last_pkt_time":131671769,"flow_dst_last_pkt_time":72850420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.141.219.27","src_port":28681,"dst_port":37580,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00729{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":71540581,"flow_src_last_pkt_time":131673544,"flow_dst_last_pkt_time":71540581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.23.75.69","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00727{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":88,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230940,"flow_src_last_pkt_time":70230940,"flow_dst_last_pkt_time":70230940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.50.24.2","src_port":28681,"dst_port":17874,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00883{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":13118832,"flow_src_last_pkt_time":15640687,"flow_dst_last_pkt_time":13118832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1073,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1073,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":12876,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63957,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00879{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":15469932,"flow_src_last_pkt_time":22405999,"flow_dst_last_pkt_time":15469932,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4368,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63964,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":124066131,"flow_src_last_pkt_time":124066131,"flow_dst_last_pkt_time":124181723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49732,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00870{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12446804,"flow_src_last_pkt_time":12446804,"flow_dst_last_pkt_time":12446804,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":314,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":314,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":314,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"0.0.0.0","dst_ip":"255.255.255.255","src_port":68,"dst_port":67,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00865{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12447076,"flow_src_last_pkt_time":12447076,"flow_dst_last_pkt_time":12447076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":548,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":548,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":548,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","src_port":67,"dst_port":68,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":343,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090579,"flow_src_last_pkt_time":124090579,"flow_dst_last_pkt_time":124090579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.212.91.155","src_port":28681,"dst_port":5195,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00834{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":12513795,"flow_src_last_pkt_time":14765980,"flow_dst_last_pkt_time":12513795,"flow_idle_time":620000000,"flow_src_min_l4_payload_len":16,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":200,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.22","l4_proto":2,"flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"IGMP","proto_id":"82","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00871{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"finished","flow_src_packets_processed":15,"flow_dst_packets_processed":0,"flow_first_seen":12827507,"flow_src_last_pkt_time":41755684,"flow_dst_last_pkt_time":12827507,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":50,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":68,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":966,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":137,"dst_port":137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"NetBIOS","proto_id":"10","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -00999{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":16487243,"flow_src_last_pkt_time":73950296,"flow_dst_last_pkt_time":16487243,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":402,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} +00926{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":13118832,"flow_src_last_pkt_time":15640687,"flow_dst_last_pkt_time":13118832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1073,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1073,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":12876,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63957,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00922{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":15469932,"flow_src_last_pkt_time":22405999,"flow_dst_last_pkt_time":15469932,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4368,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63964,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":124066131,"flow_src_last_pkt_time":124066131,"flow_dst_last_pkt_time":124181723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49732,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00913{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12446804,"flow_src_last_pkt_time":12446804,"flow_dst_last_pkt_time":12446804,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":314,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":314,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":314,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"0.0.0.0","dst_ip":"255.255.255.255","src_port":68,"dst_port":67,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00908{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12447076,"flow_src_last_pkt_time":12447076,"flow_dst_last_pkt_time":12447076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":548,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":548,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":548,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","src_port":67,"dst_port":68,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":343,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090579,"flow_src_last_pkt_time":124090579,"flow_dst_last_pkt_time":124090579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.212.91.155","src_port":28681,"dst_port":5195,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00877{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":12513795,"flow_src_last_pkt_time":14765980,"flow_dst_last_pkt_time":12513795,"flow_idle_time":620000000,"flow_src_min_l4_payload_len":16,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":200,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.22","l4_proto":2,"flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"IGMP","proto_id":"82","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00914{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"finished","flow_src_packets_processed":15,"flow_dst_packets_processed":0,"flow_first_seen":12827507,"flow_src_last_pkt_time":41755684,"flow_dst_last_pkt_time":12827507,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":50,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":68,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":966,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":137,"dst_port":137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"NetBIOS","proto_id":"10","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +01042{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":16487243,"flow_src_last_pkt_time":73950296,"flow_dst_last_pkt_time":16487243,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":402,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":96,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535614,"flow_src_last_pkt_time":71535614,"flow_dst_last_pkt_time":71535614,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.160.214.137","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00879{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":0,"flow_first_seen":15284358,"flow_src_last_pkt_time":23969210,"flow_dst_last_pkt_time":15284358,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":101,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":137,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63962,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00922{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":0,"flow_first_seen":15284358,"flow_src_last_pkt_time":23969210,"flow_dst_last_pkt_time":15284358,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":101,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":137,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63962,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":71541038,"flow_src_last_pkt_time":132832794,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.100","src_port":28681,"dst_port":46385,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090730,"flow_src_last_pkt_time":124090730,"flow_dst_last_pkt_time":124090730,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":28681,"dst_port":6778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090730,"flow_src_last_pkt_time":124090730,"flow_dst_last_pkt_time":124090730,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":28681,"dst_port":6778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":100,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71536922,"flow_src_last_pkt_time":71536922,"flow_dst_last_pkt_time":71536922,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.133.122.217","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":71540885,"flow_src_last_pkt_time":132834289,"flow_dst_last_pkt_time":71540885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.120.243.143","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":115,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540687,"flow_src_last_pkt_time":71540687,"flow_dst_last_pkt_time":71540687,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.104","src_port":28681,"dst_port":11804,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":101,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537199,"flow_src_last_pkt_time":71537199,"flow_dst_last_pkt_time":71537199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":98,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":71536330,"flow_src_last_pkt_time":132833488,"flow_dst_last_pkt_time":71536330,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.222.14.170","src_port":28681,"dst_port":23332,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00891{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":13118724,"flow_src_last_pkt_time":15640529,"flow_dst_last_pkt_time":13118724,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1091,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1091,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":13092,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63958,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00887{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":15469659,"flow_src_last_pkt_time":21843510,"flow_dst_last_pkt_time":15469659,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4368,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63965,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00934{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":13118724,"flow_src_last_pkt_time":15640529,"flow_dst_last_pkt_time":13118724,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1091,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1091,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":13092,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63958,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00930{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":15469659,"flow_src_last_pkt_time":21843510,"flow_dst_last_pkt_time":15469659,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4368,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63965,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":131,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851488,"flow_src_last_pkt_time":72851488,"flow_dst_last_pkt_time":72851488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.225.140.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":71540138,"flow_src_last_pkt_time":131673854,"flow_dst_last_pkt_time":71540138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.65.141.157","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":116628965,"flow_src_last_pkt_time":163335638,"flow_dst_last_pkt_time":163387809,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":116628965,"flow_src_last_pkt_time":163335638,"flow_dst_last_pkt_time":163387809,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":106,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538650,"flow_src_last_pkt_time":71538650,"flow_dst_last_pkt_time":71538650,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.39.154.69","src_port":28681,"dst_port":4832,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72853366,"flow_src_last_pkt_time":131672665,"flow_dst_last_pkt_time":72853366,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.226.142","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72853723,"flow_src_last_pkt_time":131669767,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.97.199.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00869{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529525,"flow_src_last_pkt_time":43193100,"flow_dst_last_pkt_time":12529525,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.251","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00912{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529525,"flow_src_last_pkt_time":43193100,"flow_dst_last_pkt_time":12529525,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.251","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":126,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72849569,"flow_src_last_pkt_time":132834410,"flow_dst_last_pkt_time":72849569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.69.159.133","src_port":28681,"dst_port":28000,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00883{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":15285641,"flow_src_last_pkt_time":21297325,"flow_dst_last_pkt_time":15285641,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":95,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":475,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63960,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00926{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":15285641,"flow_src_last_pkt_time":21297325,"flow_dst_last_pkt_time":15285641,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":95,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":475,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63960,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":136,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72852834,"flow_src_last_pkt_time":72852834,"flow_dst_last_pkt_time":72852834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.236.247.120","src_port":28681,"dst_port":16047,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00729{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":86,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230444,"flow_src_last_pkt_time":70230444,"flow_dst_last_pkt_time":70230444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.210.244.72","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00729{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230046,"flow_src_last_pkt_time":70230046,"flow_dst_last_pkt_time":70230046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.138.20.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00883{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529625,"flow_src_last_pkt_time":43193303,"flow_dst_last_pkt_time":12529625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::fb","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00926{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529625,"flow_src_last_pkt_time":43193303,"flow_dst_last_pkt_time":12529625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::fb","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72852642,"flow_src_last_pkt_time":132834112,"flow_dst_last_pkt_time":72852642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.250.99.158","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":127,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72850054,"flow_src_last_pkt_time":72850054,"flow_dst_last_pkt_time":72850054,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.191.49.159","src_port":28681,"dst_port":1024,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090360,"flow_src_last_pkt_time":124090360,"flow_dst_last_pkt_time":124090360,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.208.26.154","src_port":28681,"dst_port":4994,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090360,"flow_src_last_pkt_time":124090360,"flow_dst_last_pkt_time":124090360,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.208.26.154","src_port":28681,"dst_port":4994,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":112,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540307,"flow_src_last_pkt_time":71540307,"flow_dst_last_pkt_time":71540307,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.213.146","src_port":28681,"dst_port":21750,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":125,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72849111,"flow_src_last_pkt_time":72849111,"flow_dst_last_pkt_time":72849111,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.92.178.182","src_port":28681,"dst_port":57302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":337,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912290,"flow_src_last_pkt_time":123912290,"flow_dst_last_pkt_time":123912290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.116.64.132","src_port":28681,"dst_port":51227,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":337,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912290,"flow_src_last_pkt_time":123912290,"flow_dst_last_pkt_time":123912290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.116.64.132","src_port":28681,"dst_port":51227,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":116,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540796,"flow_src_last_pkt_time":71540796,"flow_dst_last_pkt_time":71540796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.44.190.145","src_port":28681,"dst_port":10170,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72852255,"flow_src_last_pkt_time":132832943,"flow_dst_last_pkt_time":72852255,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.175.220.161","src_port":28681,"dst_port":15721,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00728{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":99,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71536631,"flow_src_last_pkt_time":71536631,"flow_dst_last_pkt_time":71536631,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.38.9.82","src_port":28681,"dst_port":24223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -1630,19 +1634,19 @@ 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":103,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537931,"flow_src_last_pkt_time":71537931,"flow_dst_last_pkt_time":71537931,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.134.167.82","src_port":28681,"dst_port":5820,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":97,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535977,"flow_src_last_pkt_time":71535977,"flow_dst_last_pkt_time":71535977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":28681,"dst_port":49046,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":104,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538247,"flow_src_last_pkt_time":71538247,"flow_dst_last_pkt_time":71538247,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.98.115.128","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00885{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":12461875,"flow_src_last_pkt_time":75501587,"flow_dst_last_pkt_time":12461875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":91,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":91,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":637,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:2","src_port":546,"dst_port":547,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCPV6","proto_id":"103","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00928{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":12461875,"flow_src_last_pkt_time":75501587,"flow_dst_last_pkt_time":12461875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":91,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":91,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":637,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:2","src_port":546,"dst_port":547,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCPV6","proto_id":"103","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72853009,"flow_src_last_pkt_time":131672894,"flow_dst_last_pkt_time":72853009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.65.70.197","src_port":28681,"dst_port":21693,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":71539473,"flow_src_last_pkt_time":131673397,"flow_dst_last_pkt_time":71539473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.169.2.153","src_port":28681,"dst_port":52414,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72853538,"flow_src_last_pkt_time":132832169,"flow_dst_last_pkt_time":72853538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.197.111.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":102,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537663,"flow_src_last_pkt_time":71537663,"flow_dst_last_pkt_time":71537663,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.39.233","src_port":28681,"dst_port":20855,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":108,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71539248,"flow_src_last_pkt_time":71539248,"flow_dst_last_pkt_time":71539248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.242.110","src_port":28681,"dst_port":7922,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00873{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529999,"flow_src_last_pkt_time":12529999,"flow_dst_last_pkt_time":12529999,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912731,"flow_src_last_pkt_time":123912731,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":54130,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00916{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529999,"flow_src_last_pkt_time":12529999,"flow_dst_last_pkt_time":12529999,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912731,"flow_src_last_pkt_time":123912731,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":54130,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540385,"flow_src_last_pkt_time":71540385,"flow_dst_last_pkt_time":71540385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"105.101.132.146","src_port":28681,"dst_port":57746,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00729{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":132,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851799,"flow_src_last_pkt_time":72851799,"flow_dst_last_pkt_time":72851799,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"79.86.173.45","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":341,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124066283,"flow_src_last_pkt_time":124066283,"flow_dst_last_pkt_time":124066283,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.129.233.60","src_port":28681,"dst_port":19990,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":341,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124066283,"flow_src_last_pkt_time":124066283,"flow_dst_last_pkt_time":124066283,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.129.233.60","src_port":28681,"dst_port":19990,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230689,"flow_src_last_pkt_time":70230689,"flow_dst_last_pkt_time":70230689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.131.85.245","src_port":28681,"dst_port":31743,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00887{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529920,"flow_src_last_pkt_time":12529920,"flow_dst_last_pkt_time":12529920,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00930{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529920,"flow_src_last_pkt_time":12529920,"flow_dst_last_pkt_time":12529920,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":110,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71539621,"flow_src_last_pkt_time":71539621,"flow_dst_last_pkt_time":71539621,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.132.75.56","src_port":28681,"dst_port":56009,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":105,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538408,"flow_src_last_pkt_time":71538408,"flow_dst_last_pkt_time":71538408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2772,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72853189,"flow_src_last_pkt_time":132831544,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":171441643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"167.114.170.156","src_port":28681,"dst_port":23844,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -1650,23 +1654,23 @@ 00596{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2804,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_packet_id":3,"flow_src_last_pkt_time":174269002,"flow_dst_last_pkt_time":168593913,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":128,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":128,"pkt_l4_len":94,"thread_ts_usec":174269002,"pkt":"UlQAEjUCCAAn5uVZCABFAAByB2IAAIARDDUKAAIPVoHEVHAJJrsAXjsDcFExAhHLtY5GdmAVhlELQEQAAD8AAAAHR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAF3Q\/QP6n0+w02aNGZLhtNuwNXioAEFMT0M="} 00733{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2806,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174303564,"flow_src_last_pkt_time":174303564,"flow_dst_last_pkt_time":174303564,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174303564,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":28681,"dst_port":10825,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00597{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2806,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_packet_id":1,"flow_src_last_pkt_time":174303564,"flow_dst_last_pkt_time":174303564,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":128,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":128,"pkt_l4_len":94,"thread_ts_usec":174303564,"pkt":"UlQAEjUCCAAn5uVZCABFAAByStEAAIARbHkKAAIPwqO0fnAJKkkAXkeElzExAuaUt3SA\/qxG7F60jUQAAD8AAAAHR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAF3Q\/QP6n0+w02aNGZLhtNuwNXioAEFMT0M="} -00973{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2806,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174303564,"flow_src_last_pkt_time":174303564,"flow_dst_last_pkt_time":174303564,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174303564,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":28681,"dst_port":10825,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01016{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2806,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174303564,"flow_src_last_pkt_time":174303564,"flow_dst_last_pkt_time":174303564,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174303564,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":28681,"dst_port":10825,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00596{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2807,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":360,"flow_packet_id":2,"flow_src_last_pkt_time":174303640,"flow_dst_last_pkt_time":168428692,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":128,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":128,"pkt_l4_len":94,"thread_ts_usec":174303640,"pkt":"UlQAEjUCCAAn5uVZCABFAAByVrsAAIARN2oKAAIPxjraDHAJuygAXpm7NG4xAlN4rvcHLSWuyVzKGkQAAD8AAAAHR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAF3Q\/QP6n0+w02aNGZLhtNuwNXioAEFMT0M="} 00595{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2810,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":303,"flow_packet_id":3,"flow_src_last_pkt_time":174321941,"flow_dst_last_pkt_time":90892088,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":128,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":128,"pkt_l4_len":94,"thread_ts_usec":174321941,"pkt":"UlQAEjUCCAAn5uVZCABFAAByxlcAAIARNIMKAAIPjoSlDXAJd2YAXu8TjWExApO4DvtDKbdx2klNVkQAAD8AAAAHR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAF3Q\/QP6n0+w02aNGZLhtNuwNXioAEFMT0M="} 00731{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2811,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":365,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322199,"flow_src_last_pkt_time":174322199,"flow_dst_last_pkt_time":174322199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174322199,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.23.24.213","src_port":28681,"dst_port":18561,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00597{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2811,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":365,"flow_packet_id":1,"flow_src_last_pkt_time":174322199,"flow_dst_last_pkt_time":174322199,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":128,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":128,"pkt_l4_len":94,"thread_ts_usec":174322199,"pkt":"UlQAEjUCCAAn5uVZCABFAABy\/iwAAIARW1MKAAIPvBcY1XAJSIEAXn4ZciIxAgUt47TCA6DBC1+HrEQAAD8AAAAHR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAF3Q\/QP6n0+w02aNGZLhtNuwNXioAEFMT0M="} -00971{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2811,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":365,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322199,"flow_src_last_pkt_time":174322199,"flow_dst_last_pkt_time":174322199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174322199,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.23.24.213","src_port":28681,"dst_port":18561,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01014{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2811,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":365,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322199,"flow_src_last_pkt_time":174322199,"flow_dst_last_pkt_time":174322199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174322199,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.23.24.213","src_port":28681,"dst_port":18561,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00729{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2812,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":366,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322734,"flow_src_last_pkt_time":174322734,"flow_dst_last_pkt_time":174322734,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174322734,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.8.55.158","src_port":28681,"dst_port":51140,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00596{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2812,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":366,"flow_packet_id":1,"flow_src_last_pkt_time":174322734,"flow_dst_last_pkt_time":174322734,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":128,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":128,"pkt_l4_len":94,"thread_ts_usec":174322734,"pkt":"UlQAEjUCCAAn5uVZCABFAAByI9AAAIARdPYKAAIPXgg3nnAJx8QAXqKieDQxAq3mE0dDpkvWQzLgPUQAAD8AAAAHR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAF3Q\/QP6n0+w02aNGZLhtNuwNXioAEFMT0M="} -00969{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2812,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":366,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322734,"flow_src_last_pkt_time":174322734,"flow_dst_last_pkt_time":174322734,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174322734,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.8.55.158","src_port":28681,"dst_port":51140,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01012{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2812,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":366,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322734,"flow_src_last_pkt_time":174322734,"flow_dst_last_pkt_time":174322734,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174322734,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.8.55.158","src_port":28681,"dst_port":51140,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01462{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2813,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_packet_id":2,"flow_src_last_pkt_time":174303564,"flow_dst_last_pkt_time":174323550,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":174323550,"pkt":"CAAn5uVZUlQAEjUCCABFAALzB+sAAEAR7N7Co7R+CgACDypJcAkC36eTlzExAuaUt3SA\/qxG7F60jUQAAMACAAAGR1RLRwAAW5ZMJAC\/sp0EyBIYLqaZItjn8QIEwqO0fipJAQAAAAQkVMV3FEdUS0cAAFxg+taEWAYB1unX7flSWQRG3beNBGic4kjQCldTSFIAAFpCOi4aZIiG9lYEyciBumqkMMTzBMY62gy7KEdUS0cAAFf2jq05FgyfJOGIcRJLg6NdtQ1eBLw9NLcuTEdUS0cAAFYaYH8fxSMCFJGx6KJ1XnlYMcAbBL7A0rYaYkdUS0cAAFFI2BA3K8AVe0IqJAEnw9\/D630lBI6EpQ13ZkdUS0cAAFITSOd3gRniYdJwpHJZH2SZ8zLzBFaBxFQmu0dUS0cAAE3VqZZmQu9JEb4xS9XAL1zJJdrgBLwXGNVIgVdTSFIAAEwNRRSjJbzqx43c9rTKLbxkbHgKBF4IN57HxEdUS0cAAElxJg9dajjzW3txW7a4q7j8IGI0BFHNWy2VmUdUS0cAAEE1vJAZC\/Oid7YdKVGKEGbtSapFBJUco6\/DJFdTSFIAAEJDtkelhifx87ftq707Fzo\/U0PdBC+TNBWPeEdUS0cAAGqU5DC0wpx7Tt\/+AtuQJkODlGIrBC\/cuoxr+UdUS0cAAGSQPhJYYczqO9fA1uqwCWebPjcpBMEgftbozEdUS0cAAGfwY9tAxh1AXF0ZU2EOIfqDQ08tBHbwRccYzEdUS0cAAGcZJHUoqfb+iSo9+1Aaw4nAX4zABFAH\/MAa6EdUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzukdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mjw=="} 00596{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2815,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":363,"flow_packet_id":2,"flow_src_last_pkt_time":174342629,"flow_dst_last_pkt_time":168840831,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":128,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":128,"pkt_l4_len":94,"thread_ts_usec":174342629,"pkt":"UlQAEjUCCAAn5uVZCABFAAByeiEAAIARB1EKAAIPUc1bLXAJlZkAXranfCExAmltWPgHip8OOUDUwEQAAD8AAAAHR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAF3Q\/QP6n0+w02aNGZLhtNuwNXioAEFMT0M="} 00732{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2816,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174342792,"flow_src_last_pkt_time":174342792,"flow_dst_last_pkt_time":174342792,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174342792,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":28681,"dst_port":49956,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00596{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2816,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_packet_id":1,"flow_src_last_pkt_time":174342792,"flow_dst_last_pkt_time":174342792,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":128,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":128,"pkt_l4_len":94,"thread_ts_usec":174342792,"pkt":"UlQAEjUCCAAn5uVZCABFAAByzKsAAIARKPUKAAIPlRyjr3AJwyQAXo4hNNYxAkNtQBP87WWbzy94OkQAAD8AAAAHR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAF3Q\/QP6n0+w02aNGZLhtNuwNXioAEFMT0M="} -00972{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2816,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174342792,"flow_src_last_pkt_time":174342792,"flow_dst_last_pkt_time":174342792,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174342792,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":28681,"dst_port":49956,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01015{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2816,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174342792,"flow_src_last_pkt_time":174342792,"flow_dst_last_pkt_time":174342792,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174342792,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":28681,"dst_port":49956,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00730{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2817,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":368,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174343218,"flow_src_last_pkt_time":174343218,"flow_dst_last_pkt_time":174343218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174343218,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":28681,"dst_port":36728,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00596{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2817,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":368,"flow_packet_id":1,"flow_src_last_pkt_time":174343218,"flow_dst_last_pkt_time":174343218,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":128,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":128,"pkt_l4_len":94,"thread_ts_usec":174343218,"pkt":"UlQAEjUCCAAn5uVZCABFAAByuwkAAIARD7sKAAIPL5M0FXAJj3gAXq06x7YxAq8Sv7XsAP61JE4GfUQAAD8AAAAHR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAF3Q\/QP6n0+w02aNGZLhtNuwNXioAEFMT0M="} -00970{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2817,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":368,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174343218,"flow_src_last_pkt_time":174343218,"flow_dst_last_pkt_time":174343218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174343218,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":28681,"dst_port":36728,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01013{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2817,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":368,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174343218,"flow_src_last_pkt_time":174343218,"flow_dst_last_pkt_time":174343218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174343218,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":28681,"dst_port":36728,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01459{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2827,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_packet_id":2,"flow_src_last_pkt_time":174342792,"flow_dst_last_pkt_time":174648242,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":174648242,"pkt":"CAAn5uVZUlQAEjUCCABFAALzB\/MAAEARKy2VHKOvCgACD8MkcAkC37mfNNYxAkNtQBP87WWbzy94OkQAAMACAAAGR1RLRwAAQTW8kBkL86J3th0pUYoQZu1JqkUElRyjr8MkAQAAAAThq6+iFEdUS0cAAFxg+taEWAYB1unX7flSWQRG3beNBGic4kjQCkdUS0cAAFuWTCQAv7KdBMgSGC6mmSLY5\/ECBMKjtH4qSVdTSFIAAFpCOi4aZIiG9lYEyciBumqkMMTzBMY62gy7KEdUS0cAAFf2jq05FgyfJOGIcRJLg6NdtQ1eBLw9NLcuTEdUS0cAAFYaYH8fxSMCFJGx6KJ1XnlYMcAbBL7A0rYaYkdUS0cAAFFI2BA3K8AVe0IqJAEnw9\/D630lBI6EpQ13ZkdUS0cAAFITSOd3gRniYdJwpHJZH2SZ8zLzBFaBxFQmu1dTSFIAAEwNRRSjJbzqx43c9rTKLbxkbHgKBF4IN57HxEdUS0cAAElxJg9dajjzW3txW7a4q7j8IGI0BFHNWy2VmVdTSFIAAEJDtkelhifx87ftq707Fzo\/U0PdBC+TNBWPeEdUS0cAAGqU5DC0wpx7Tt\/+AtuQJkODlGIrBC\/cuoxr+UdUS0cAAGSQPhJYYczqO9fA1uqwCWebPjcpBMEgftbozEdUS0cAAGfwY9tAxh1AXF0ZU2EOIfqDQ08tBHbwRccYzEdUS0cAAGcZJHUoqfb+iSo9+1Aaw4nAX4zABFAH\/MAa6EdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzukdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZsldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAABZMZh8YJqCRZ8rsFWpJujOrF1VMBFHNWy2cyQ=="} 00729{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":170,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060300,"flow_src_last_pkt_time":82060300,"flow_dst_last_pkt_time":82060300,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82059658,"flow_src_last_pkt_time":131671934,"flow_dst_last_pkt_time":82059658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.59.253.186","src_port":28681,"dst_port":15555,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -1679,7 +1683,7 @@ 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":353,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":132831233,"flow_src_last_pkt_time":132831233,"flow_dst_last_pkt_time":132831233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.181.151.217","src_port":28681,"dst_port":25282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":220,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":83564038,"flow_src_last_pkt_time":83564038,"flow_dst_last_pkt_time":83804788,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":91,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":91,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":9239,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83520153,"flow_src_last_pkt_time":83520153,"flow_dst_last_pkt_time":83520153,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.30.86.144","src_port":28681,"dst_port":53821,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":350,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129345202,"flow_src_last_pkt_time":129345202,"flow_dst_last_pkt_time":129345202,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.250.253.99","src_port":28681,"dst_port":11819,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":350,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129345202,"flow_src_last_pkt_time":129345202,"flow_dst_last_pkt_time":129345202,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.250.253.99","src_port":28681,"dst_port":11819,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519791,"flow_src_last_pkt_time":83519791,"flow_dst_last_pkt_time":83519791,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"126.117.45.151","src_port":28681,"dst_port":19323,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":155,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82057536,"flow_src_last_pkt_time":82057536,"flow_dst_last_pkt_time":82057536,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.168.182.103","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":198,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064449,"flow_src_last_pkt_time":82064449,"flow_dst_last_pkt_time":82064449,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.182.171.50","src_port":28681,"dst_port":15180,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -1694,10 +1698,10 @@ 00729{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":187,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062863,"flow_src_last_pkt_time":82062863,"flow_dst_last_pkt_time":82062863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.88.92.56","src_port":28681,"dst_port":21009,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":190,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063260,"flow_src_last_pkt_time":82063260,"flow_dst_last_pkt_time":82063260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.195.227","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":206,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066069,"flow_src_last_pkt_time":82066069,"flow_dst_last_pkt_time":82066069,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.166.132.204","src_port":28681,"dst_port":11194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":348,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174578,"flow_src_last_pkt_time":129174578,"flow_dst_last_pkt_time":129174578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.197.97.94","src_port":28681,"dst_port":1360,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":348,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174578,"flow_src_last_pkt_time":129174578,"flow_dst_last_pkt_time":129174578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.197.97.94","src_port":28681,"dst_port":1360,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":203,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065387,"flow_src_last_pkt_time":82065387,"flow_dst_last_pkt_time":82065387,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"120.156.204.38","src_port":28681,"dst_port":54832,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":199,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064635,"flow_src_last_pkt_time":82064635,"flow_dst_last_pkt_time":82064635,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.73.129.26","src_port":28681,"dst_port":53585,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":129174282,"flow_src_last_pkt_time":129174282,"flow_dst_last_pkt_time":129344463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.226.85.105","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":129174282,"flow_src_last_pkt_time":129174282,"flow_dst_last_pkt_time":129344463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.226.85.105","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":207,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066178,"flow_src_last_pkt_time":82066178,"flow_dst_last_pkt_time":82066178,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.242.191.215","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":208,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066316,"flow_src_last_pkt_time":82066316,"flow_dst_last_pkt_time":82066316,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.249.64.215","src_port":28681,"dst_port":25058,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":173,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82060665,"flow_src_last_pkt_time":131672987,"flow_dst_last_pkt_time":82060665,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"121.99.222.36","src_port":28681,"dst_port":44988,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -1715,7 +1719,7 @@ 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":159,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82058634,"flow_src_last_pkt_time":82058634,"flow_dst_last_pkt_time":82058634,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.163.231.160","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":179,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061491,"flow_src_last_pkt_time":82061491,"flow_dst_last_pkt_time":82061491,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"178.51.146.115","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":186,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062738,"flow_src_last_pkt_time":82062738,"flow_dst_last_pkt_time":82062738,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.182.44.202","src_port":28681,"dst_port":30277,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":347,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174425,"flow_src_last_pkt_time":129174425,"flow_dst_last_pkt_time":129174425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.10.169.10","src_port":28681,"dst_port":12799,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":347,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174425,"flow_src_last_pkt_time":129174425,"flow_dst_last_pkt_time":129174425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.10.169.10","src_port":28681,"dst_port":12799,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00728{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83518597,"flow_src_last_pkt_time":83518597,"flow_dst_last_pkt_time":83518597,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.37","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82059773,"flow_src_last_pkt_time":132832598,"flow_dst_last_pkt_time":82059773,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.29.107.176","src_port":28681,"dst_port":20363,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":171,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060415,"flow_src_last_pkt_time":82060415,"flow_dst_last_pkt_time":82060415,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"196.217.132.111","src_port":28681,"dst_port":25394,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -1743,7 +1747,7 @@ 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82058413,"flow_src_last_pkt_time":82058413,"flow_dst_last_pkt_time":82058413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.166.226.70","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065556,"flow_src_last_pkt_time":82065556,"flow_dst_last_pkt_time":82065556,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.126.240.32","src_port":28681,"dst_port":45313,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":202,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065172,"flow_src_last_pkt_time":82065172,"flow_dst_last_pkt_time":82065172,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":181645126,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.134.139.39","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -02285{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":3028,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":71205609,"flow_src_last_pkt_time":187576304,"flow_dst_last_pkt_time":187064352,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":303,"flow_dst_max_l4_payload_len":1065,"flow_src_tot_l4_payload_len":713,"flow_dst_tot_l4_payload_len":3012,"midstream":0,"thread_ts_usec":187576304,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.208.180.181","src_port":50249,"dst_port":45883,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"min":276,"avg":7491272.5,"max":55455380,"stddev":14262251.0,"var":203411798622208.0,"ent":3.2,"data": [106993,107336,276,805,178388,179820,1439,41004,98031,375723,432936,10046845,10046768,42293,94463,6595038,6594815,3591919,3643921,39217,93460,24009088,24063297,605105,604823,14641110,23768,14665256,55396943,55455380,453178]},"pktlen": {"min":40,"avg":156.9,"max":1105,"stddev":244.6,"var":59812.5,"ent":4.0,"data": [52,44,40,343,40,323,143,40,912,40,149,40,104,40,1105,40,200,40,70,40,189,40,52,40,123,40,64,489,40,50,40,49]},"bins": {"c_to_s": [11,0,2,2,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [10,0,0,0,1,1,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,1,1,0,0,1,0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,1,0,1,0,0],"entropies": [4.624014378,4.624093533,4.730641365,5.758390427,4.553056717,5.558244705,5.696007252,4.621928692,7.730160713,4.830641270,6.349717140,4.521929264,5.981128693,4.571928978,7.767892838,4.780641556,6.727245331,4.730641365,5.454720020,4.603056908,6.642654419,4.780641079,4.853253365,4.671928883,6.256999493,4.671928883,5.061660290,7.508594036,4.830641270,4.642780781,4.780641556,4.618614674]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +02328{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":3028,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":71205609,"flow_src_last_pkt_time":187576304,"flow_dst_last_pkt_time":187064352,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":303,"flow_dst_max_l4_payload_len":1065,"flow_src_tot_l4_payload_len":713,"flow_dst_tot_l4_payload_len":3012,"midstream":0,"thread_ts_usec":187576304,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.208.180.181","src_port":50249,"dst_port":45883,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"data_analysis": {"iat": {"min":276,"avg":7491272.5,"max":55455380,"stddev":14262251.0,"var":203411798622208.0,"ent":3.2,"data": [106993,107336,276,805,178388,179820,1439,41004,98031,375723,432936,10046845,10046768,42293,94463,6595038,6594815,3591919,3643921,39217,93460,24009088,24063297,605105,604823,14641110,23768,14665256,55396943,55455380,453178]},"pktlen": {"min":40,"avg":156.9,"max":1105,"stddev":244.6,"var":59812.5,"ent":4.0,"data": [52,44,40,343,40,323,143,40,912,40,149,40,104,40,1105,40,200,40,70,40,189,40,52,40,123,40,64,489,40,50,40,49]},"bins": {"c_to_s": [11,0,2,2,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [10,0,0,0,1,1,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,1,1,0,0,1,0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,1,0,1,0,0],"entropies": [4.624014378,4.624093533,4.730641365,5.758390427,4.553056717,5.558244705,5.696007252,4.621928692,7.730160713,4.830641270,6.349717140,4.521929264,5.981128693,4.571928978,7.767892838,4.780641556,6.727245331,4.730641365,5.454720020,4.603056908,6.642654419,4.780641079,4.853253365,4.671928883,6.256999493,4.671928883,5.061660290,7.508594036,4.830641270,4.642780781,4.780641556,4.618614674]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3065,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":116,"flow_packet_id":2,"flow_src_last_pkt_time":191700213,"flow_dst_last_pkt_time":71540796,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":191700213,"pkt":"UlQAEjUCCAAn5uVZCABFAAA00HEAAIARI3sKAAIPfCy+kXAJJ7oAIMCGR05EED8oAQFUC1FLUlAGUk5BXS\/iNQlw"} 00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3066,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":187,"flow_packet_id":2,"flow_src_last_pkt_time":191700445,"flow_dst_last_pkt_time":82062863,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":191700445,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0uoEAAIARu5gKAAIPXFhcOHAJUhEAIBhcR05EED8pAQFUC1FLUlAGUk5BXS\/iNQlw"} 00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3067,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":209,"flow_packet_id":3,"flow_src_last_pkt_time":191700671,"flow_dst_last_pkt_time":82066425,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":191700671,"pkt":"UlQAEjUCCAAn5uVZCABFAAA06UYAAIARhsYKAAIPW7Ni6nAJGMoAIEuVR05EED8qAQFUC1FLUlAGUk5BXS\/iNQlw"} @@ -1766,75 +1770,75 @@ 00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3084,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":156,"flow_packet_id":2,"flow_src_last_pkt_time":191703986,"flow_dst_last_pkt_time":82057972,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":191703986,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0lsMAAIARXJwKAAIPVvTkVnAJJ5MAIMANR05EED87AQFUC1FLUlAGUk5BXS\/iNQlw"} 00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3085,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":190,"flow_packet_id":2,"flow_src_last_pkt_time":191704123,"flow_dst_last_pkt_time":82063260,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":191704123,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0VboAAIARb2MKAAIPpanD43AJGMoAIKCTR05EED88AQFUC1FLUlAGUk5BXS\/iNQlw"} 00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3086,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":159,"flow_packet_id":2,"flow_src_last_pkt_time":191704243,"flow_dst_last_pkt_time":82058634,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":191704243,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0dUAAAIARISYKAAIPsKPnoHAJGMoAIHHbR05EED89AQFUC1FLUlAGUk5BXS\/iNQlw"} -01010{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":63000408,"flow_src_last_pkt_time":63524574,"flow_dst_last_pkt_time":63524726,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":539,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":539,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.250.6.59","src_port":50196,"dst_port":12556,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01008{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":4,"flow_first_seen":64032727,"flow_src_last_pkt_time":64562062,"flow_dst_last_pkt_time":64562135,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":304,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.181.156.244","src_port":50206,"dst_port":8255,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":69142619,"flow_src_last_pkt_time":70230636,"flow_dst_last_pkt_time":70230366,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":302,"flow_dst_max_l4_payload_len":756,"flow_src_tot_l4_payload_len":302,"flow_dst_tot_l4_payload_len":756,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.29.135.209","src_port":50236,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01013{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":69141177,"flow_src_last_pkt_time":69581531,"flow_dst_last_pkt_time":69581706,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":540,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":540,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.242.225","src_port":50232,"dst_port":15068,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01013{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":68108022,"flow_src_last_pkt_time":68639636,"flow_dst_last_pkt_time":68639339,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":546,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":546,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.241.162.162","src_port":50226,"dst_port":15677,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":64030714,"flow_src_last_pkt_time":65404055,"flow_dst_last_pkt_time":65583736,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":50202,"dst_port":57648,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01053{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":63000408,"flow_src_last_pkt_time":63524574,"flow_dst_last_pkt_time":63524726,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":539,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":539,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.250.6.59","src_port":50196,"dst_port":12556,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01051{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":46,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":4,"flow_first_seen":64032727,"flow_src_last_pkt_time":64562062,"flow_dst_last_pkt_time":64562135,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":304,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.181.156.244","src_port":50206,"dst_port":8255,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":77,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":69142619,"flow_src_last_pkt_time":70230636,"flow_dst_last_pkt_time":70230366,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":302,"flow_dst_max_l4_payload_len":756,"flow_src_tot_l4_payload_len":302,"flow_dst_tot_l4_payload_len":756,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.29.135.209","src_port":50236,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01056{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":73,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":69141177,"flow_src_last_pkt_time":69581531,"flow_dst_last_pkt_time":69581706,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":540,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":540,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.242.225","src_port":50232,"dst_port":15068,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01056{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":67,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":68108022,"flow_src_last_pkt_time":68639636,"flow_dst_last_pkt_time":68639339,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":546,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":546,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.241.162.162","src_port":50226,"dst_port":15677,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":64030714,"flow_src_last_pkt_time":65404055,"flow_dst_last_pkt_time":65583736,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":50202,"dst_port":57648,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":42,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":64030714,"flow_src_last_pkt_time":65404055,"flow_dst_last_pkt_time":65583736,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":50202,"dst_port":57648,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -01010{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":63001005,"flow_src_last_pkt_time":63616655,"flow_dst_last_pkt_time":63616781,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":537,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":537,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":50197,"dst_port":3931,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":63,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":67093789,"flow_src_last_pkt_time":68857088,"flow_dst_last_pkt_time":69216407,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.14.143.237","src_port":50222,"dst_port":6523,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01053{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":36,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":63001005,"flow_src_last_pkt_time":63616655,"flow_dst_last_pkt_time":63616781,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":537,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":537,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":50197,"dst_port":3931,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":63,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":67093789,"flow_src_last_pkt_time":68857088,"flow_dst_last_pkt_time":69216407,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.14.143.237","src_port":50222,"dst_port":6523,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00725{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":63,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":67093789,"flow_src_last_pkt_time":68857088,"flow_dst_last_pkt_time":69216407,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.14.143.237","src_port":50222,"dst_port":6523,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":67092791,"flow_src_last_pkt_time":69124029,"flow_dst_last_pkt_time":69473760,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.196.226","src_port":50220,"dst_port":3820,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":67092791,"flow_src_last_pkt_time":69124029,"flow_dst_last_pkt_time":69473760,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.196.226","src_port":50220,"dst_port":3820,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00725{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":67092791,"flow_src_last_pkt_time":69124029,"flow_dst_last_pkt_time":69473760,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.196.226","src_port":50220,"dst_port":3820,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -01011{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":64031460,"flow_src_last_pkt_time":64521739,"flow_dst_last_pkt_time":64521815,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":541,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":541,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.222.160.99","src_port":50203,"dst_port":18994,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":69,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":68109135,"flow_src_last_pkt_time":69747482,"flow_dst_last_pkt_time":70047954,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.241.31.96","src_port":50228,"dst_port":14384,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01054{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":43,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":64031460,"flow_src_last_pkt_time":64521739,"flow_dst_last_pkt_time":64521815,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":541,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":541,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.222.160.99","src_port":50203,"dst_port":18994,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":69,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":68109135,"flow_src_last_pkt_time":69747482,"flow_dst_last_pkt_time":70047954,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.241.31.96","src_port":50228,"dst_port":14384,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00725{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":69,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":68109135,"flow_src_last_pkt_time":69747482,"flow_dst_last_pkt_time":70047954,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.241.31.96","src_port":50228,"dst_port":14384,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -01006{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":4,"flow_first_seen":63001980,"flow_src_last_pkt_time":63445433,"flow_dst_last_pkt_time":63445570,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":50199,"dst_port":36728,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":65062594,"flow_src_last_pkt_time":65418382,"flow_dst_last_pkt_time":65418564,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":544,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":544,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.199.10.60","src_port":50211,"dst_port":23458,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01009{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":69142400,"flow_src_last_pkt_time":69227111,"flow_dst_last_pkt_time":69227285,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":491,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":491,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.118.70","src_port":50235,"dst_port":6906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":89829259,"flow_src_last_pkt_time":174145848,"flow_dst_last_pkt_time":174528829,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":556,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.84.178.16","src_port":28681,"dst_port":60262,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":95216801,"flow_src_last_pkt_time":162802551,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.201.208.57","src_port":28681,"dst_port":38617,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":95264476,"flow_src_last_pkt_time":175759013,"flow_dst_last_pkt_time":176255145,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.220.186.140","src_port":28681,"dst_port":27641,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90005361,"flow_src_last_pkt_time":180164844,"flow_dst_last_pkt_time":180196283,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90072633,"flow_src_last_pkt_time":163183918,"flow_dst_last_pkt_time":90072633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.26.216.95","src_port":28681,"dst_port":13889,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":315,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95754583,"flow_src_last_pkt_time":139695067,"flow_dst_last_pkt_time":139756356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.217.84.16","src_port":28681,"dst_port":20223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00877{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":40005419,"flow_src_last_pkt_time":43055141,"flow_dst_last_pkt_time":40005419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":55708,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":358,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139669712,"flow_src_last_pkt_time":139669712,"flow_dst_last_pkt_time":139669712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.224.174.174","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":357,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506403,"flow_src_last_pkt_time":139506403,"flow_dst_last_pkt_time":139506403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.35.85.238","src_port":28681,"dst_port":32173,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01049{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":4,"flow_first_seen":63001980,"flow_src_last_pkt_time":63445433,"flow_dst_last_pkt_time":63445570,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":50199,"dst_port":36728,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":51,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":65062594,"flow_src_last_pkt_time":65418382,"flow_dst_last_pkt_time":65418564,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":544,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":544,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.199.10.60","src_port":50211,"dst_port":23458,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01052{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":76,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":69142400,"flow_src_last_pkt_time":69227111,"flow_dst_last_pkt_time":69227285,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":491,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":491,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.118.70","src_port":50235,"dst_port":6906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":89829259,"flow_src_last_pkt_time":174145848,"flow_dst_last_pkt_time":174528829,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":556,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.84.178.16","src_port":28681,"dst_port":60262,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":95216801,"flow_src_last_pkt_time":162802551,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.201.208.57","src_port":28681,"dst_port":38617,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":95264476,"flow_src_last_pkt_time":175759013,"flow_dst_last_pkt_time":176255145,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.220.186.140","src_port":28681,"dst_port":27641,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90005361,"flow_src_last_pkt_time":180164844,"flow_dst_last_pkt_time":180196283,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90072633,"flow_src_last_pkt_time":163183918,"flow_dst_last_pkt_time":90072633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.26.216.95","src_port":28681,"dst_port":13889,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":315,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95754583,"flow_src_last_pkt_time":139695067,"flow_dst_last_pkt_time":139756356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.217.84.16","src_port":28681,"dst_port":20223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00920{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":40005419,"flow_src_last_pkt_time":43055141,"flow_dst_last_pkt_time":40005419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":55708,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":358,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139669712,"flow_src_last_pkt_time":139669712,"flow_dst_last_pkt_time":139669712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.224.174.174","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":357,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506403,"flow_src_last_pkt_time":139506403,"flow_dst_last_pkt_time":139506403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.35.85.238","src_port":28681,"dst_port":32173,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":305,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":93713981,"flow_src_last_pkt_time":93713981,"flow_dst_last_pkt_time":93713981,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.168.175.31","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":95443212,"flow_src_last_pkt_time":176333600,"flow_dst_last_pkt_time":176562520,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.240.69.199","src_port":28681,"dst_port":6348,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":95443212,"flow_src_last_pkt_time":176333600,"flow_dst_last_pkt_time":176562520,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.240.69.199","src_port":28681,"dst_port":6348,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":306,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":93714209,"flow_src_last_pkt_time":93714209,"flow_dst_last_pkt_time":93714209,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.249.63.200","src_port":28681,"dst_port":22582,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90184128,"flow_src_last_pkt_time":179814808,"flow_dst_last_pkt_time":180130949,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":561,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90184128,"flow_src_last_pkt_time":179814808,"flow_dst_last_pkt_time":180130949,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":561,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00741{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":304,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90880863,"flow_src_last_pkt_time":176255689,"flow_dst_last_pkt_time":176285010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":670,"flow_dst_tot_l4_payload_len":3829,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.32.126.214","src_port":28681,"dst_port":59596,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95784533,"flow_src_last_pkt_time":139724985,"flow_dst_last_pkt_time":139896214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.183.183.110","src_port":28681,"dst_port":59920,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95784533,"flow_src_last_pkt_time":139724985,"flow_dst_last_pkt_time":139896214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.183.183.110","src_port":28681,"dst_port":59920,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":88941886,"flow_src_last_pkt_time":179376876,"flow_dst_last_pkt_time":88941886,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":511,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":28681,"dst_port":52367,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90073006,"flow_src_last_pkt_time":174723280,"flow_dst_last_pkt_time":174761998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":561,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95715707,"flow_src_last_pkt_time":139694924,"flow_dst_last_pkt_time":139730332,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.188.98","src_port":28681,"dst_port":62851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00873{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232312,"flow_src_last_pkt_time":40630489,"flow_dst_last_pkt_time":40232312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":95264285,"flow_src_last_pkt_time":179735999,"flow_dst_last_pkt_time":95264285,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":40137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89967108,"flow_src_last_pkt_time":152618863,"flow_dst_last_pkt_time":89967108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.203.218.92","src_port":28681,"dst_port":56962,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01020{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90072798,"flow_src_last_pkt_time":180323696,"flow_dst_last_pkt_time":180633579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":723,"flow_dst_tot_l4_payload_len":4468,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90073006,"flow_src_last_pkt_time":174723280,"flow_dst_last_pkt_time":174761998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":561,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95715707,"flow_src_last_pkt_time":139694924,"flow_dst_last_pkt_time":139730332,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.188.98","src_port":28681,"dst_port":62851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00916{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232312,"flow_src_last_pkt_time":40630489,"flow_dst_last_pkt_time":40232312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":95264285,"flow_src_last_pkt_time":179735999,"flow_dst_last_pkt_time":95264285,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":40137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89967108,"flow_src_last_pkt_time":152618863,"flow_dst_last_pkt_time":89967108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.203.218.92","src_port":28681,"dst_port":56962,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01063{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90072798,"flow_src_last_pkt_time":180323696,"flow_dst_last_pkt_time":180633579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":723,"flow_dst_tot_l4_payload_len":4468,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00741{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":300,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":90809634,"flow_src_last_pkt_time":139694982,"flow_dst_last_pkt_time":139723897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":222,"flow_dst_tot_l4_payload_len":1595,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":89966706,"flow_src_last_pkt_time":180634354,"flow_dst_last_pkt_time":180691847,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00873{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232582,"flow_src_last_pkt_time":40630451,"flow_dst_last_pkt_time":40232582,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90039633,"flow_src_last_pkt_time":163151080,"flow_dst_last_pkt_time":90039633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":50297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00887{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232223,"flow_src_last_pkt_time":40630373,"flow_dst_last_pkt_time":40232223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89966123,"flow_src_last_pkt_time":152619228,"flow_dst_last_pkt_time":89966123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.218","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":163151217,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00887{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":24,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232517,"flow_src_last_pkt_time":40630237,"flow_dst_last_pkt_time":40232517,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":356,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":139506262,"flow_src_last_pkt_time":176963996,"flow_dst_last_pkt_time":177166012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":394,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"63.228.175.169","src_port":28681,"dst_port":1936,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":139506098,"flow_src_last_pkt_time":168391152,"flow_dst_last_pkt_time":168554777,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.118.53.212","src_port":28681,"dst_port":29998,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":89966706,"flow_src_last_pkt_time":180634354,"flow_dst_last_pkt_time":180691847,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00916{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232582,"flow_src_last_pkt_time":40630451,"flow_dst_last_pkt_time":40232582,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90039633,"flow_src_last_pkt_time":163151080,"flow_dst_last_pkt_time":90039633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":50297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00930{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232223,"flow_src_last_pkt_time":40630373,"flow_dst_last_pkt_time":40232223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89966123,"flow_src_last_pkt_time":152619228,"flow_dst_last_pkt_time":89966123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.218","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":163151217,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00930{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":24,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232517,"flow_src_last_pkt_time":40630237,"flow_dst_last_pkt_time":40232517,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":356,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":139506262,"flow_src_last_pkt_time":176963996,"flow_dst_last_pkt_time":177166012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":394,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"63.228.175.169","src_port":28681,"dst_port":1936,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":139506098,"flow_src_last_pkt_time":168391152,"flow_dst_last_pkt_time":168554777,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.118.53.212","src_port":28681,"dst_port":29998,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00739{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":303,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":90871417,"flow_src_last_pkt_time":174321941,"flow_dst_last_pkt_time":174341975,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":114,"flow_dst_tot_l4_payload_len":834,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":28681,"dst_port":30566,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":89829104,"flow_src_last_pkt_time":174008534,"flow_dst_last_pkt_time":174144907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":556,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":89829104,"flow_src_last_pkt_time":174008534,"flow_dst_last_pkt_time":174144907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":556,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00738{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":301,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90845230,"flow_src_last_pkt_time":174303687,"flow_dst_last_pkt_time":174321070,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":146,"flow_dst_tot_l4_payload_len":855,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":28681,"dst_port":11852,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01009{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":314,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95754317,"flow_src_last_pkt_time":95754317,"flow_dst_last_pkt_time":95754317,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.237.202.91","src_port":28681,"dst_port":16117,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95784399,"flow_src_last_pkt_time":139782226,"flow_dst_last_pkt_time":139889728,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90138188,"flow_src_last_pkt_time":174723209,"flow_dst_last_pkt_time":175039150,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":561,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01052{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":314,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95754317,"flow_src_last_pkt_time":95754317,"flow_dst_last_pkt_time":95754317,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.237.202.91","src_port":28681,"dst_port":16117,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95784399,"flow_src_last_pkt_time":139782226,"flow_dst_last_pkt_time":139889728,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90138188,"flow_src_last_pkt_time":174723209,"flow_dst_last_pkt_time":175039150,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":561,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00742{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":243,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":9,"flow_first_seen":89016303,"flow_src_last_pkt_time":176563028,"flow_dst_last_pkt_time":176659064,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":824,"flow_dst_tot_l4_payload_len":3953,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95716693,"flow_src_last_pkt_time":139724918,"flow_dst_last_pkt_time":139781413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95716693,"flow_src_last_pkt_time":139724918,"flow_dst_last_pkt_time":139781413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00739{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":302,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":90864578,"flow_src_last_pkt_time":124065911,"flow_dst_last_pkt_time":124089575,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":834,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":28681,"dst_port":53489,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90039406,"flow_src_last_pkt_time":180131681,"flow_dst_last_pkt_time":180164082,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":723,"flow_dst_tot_l4_payload_len":4468,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":152619076,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00847{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":349,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129210409,"flow_src_last_pkt_time":129210409,"flow_dst_last_pkt_time":129210409,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":117,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":117,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"84.197.97.94","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90138798,"flow_src_last_pkt_time":174723421,"flow_dst_last_pkt_time":90138798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.217.176.52","src_port":28681,"dst_port":7446,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90005045,"flow_src_last_pkt_time":180196993,"flow_dst_last_pkt_time":180322753,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":723,"flow_dst_tot_l4_payload_len":4468,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90004820,"flow_src_last_pkt_time":163118762,"flow_dst_last_pkt_time":90004820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.140.120.41","src_port":28681,"dst_port":47739,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95784128,"flow_src_last_pkt_time":139725014,"flow_dst_last_pkt_time":146329784,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90138420,"flow_src_last_pkt_time":174887033,"flow_dst_last_pkt_time":174930342,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":561,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90183929,"flow_src_last_pkt_time":174679514,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":11603,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01009{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95716226,"flow_src_last_pkt_time":95716226,"flow_dst_last_pkt_time":95716226,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90039406,"flow_src_last_pkt_time":180131681,"flow_dst_last_pkt_time":180164082,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":723,"flow_dst_tot_l4_payload_len":4468,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":152619076,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00890{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":349,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129210409,"flow_src_last_pkt_time":129210409,"flow_dst_last_pkt_time":129210409,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":117,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":117,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"84.197.97.94","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90138798,"flow_src_last_pkt_time":174723421,"flow_dst_last_pkt_time":90138798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.217.176.52","src_port":28681,"dst_port":7446,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90005045,"flow_src_last_pkt_time":180196993,"flow_dst_last_pkt_time":180322753,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":723,"flow_dst_tot_l4_payload_len":4468,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90004820,"flow_src_last_pkt_time":163118762,"flow_dst_last_pkt_time":90004820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.140.120.41","src_port":28681,"dst_port":47739,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95784128,"flow_src_last_pkt_time":139725014,"flow_dst_last_pkt_time":146329784,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90138420,"flow_src_last_pkt_time":174887033,"flow_dst_last_pkt_time":174930342,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":561,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90183929,"flow_src_last_pkt_time":174679514,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":11603,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01052{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3091,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95716226,"flow_src_last_pkt_time":95716226,"flow_dst_last_pkt_time":95716226,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":191906582,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00754{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3099,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":20,"flow_packet_id":3,"flow_src_last_pkt_time":192636357,"flow_dst_last_pkt_time":16487243,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":243,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":243,"pkt_l4_len":209,"thread_ts_usec":192636357,"pkt":"\/\/\/\/\/\/\/\/CAAn5uVZCABFAADlHP0AAIARA\/4KAAIPCgAC\/wCKAIoA0X6VEQKcLwoAAg8AigC7AAAgRU5GREVGRUVFSEVGRkhFSkVPREJEQUNBQ0FDQUNBQ0EAIEZIRVBGQ0VMRUhGQ0VQRkZGQUNBQ0FDQUNBQ0FDQUJOAP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAAIQAAAAAAAAAAAOgDAAAAAAAAAAAhAFYAAwABAAAAAgAyAFxNQUlMU0xPVFxCUk9XU0UAAQCAqQMATVNFREdFV0lOMTAAAAAAAAoAAxAAAA8BVaoA"} 00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3103,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":306,"flow_packet_id":2,"flow_src_last_pkt_time":192907093,"flow_dst_last_pkt_time":93714209,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":192907093,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0J3gAAIARnXEKAAIPKfk\/yHAJWDYAIGDxR05EED8+AQFUC1FLUlAGUk5BXS\/iNQlw"} 00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3104,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":219,"flow_packet_id":2,"flow_src_last_pkt_time":192907327,"flow_dst_last_pkt_time":83520153,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":192907327,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0H4EAAIARbHsKAAIPTB5WkHAJ0j0AIK37R05EED8\/AQFUC1FLUlAGUk5BXS\/iNQlw"} @@ -1847,102 +1851,102 @@ 00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3111,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_packet_id":3,"flow_src_last_pkt_time":192908332,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":192908332,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0s0sAAIARB+8KAAIPrGHHDnAJGMoAIJamR05EED9GAQFUC1FLUlAGUk5BXS\/iNQlw"} 00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3112,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_packet_id":3,"flow_src_last_pkt_time":192908402,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":192908402,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0jJQAAIARUAcKAAIPp3KqnHAJXSQAIHOsR05EED9HAQFUC1FLUlAGUk5BXS\/iNQlw"} 00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3113,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":139,"flow_packet_id":3,"flow_src_last_pkt_time":192908508,"flow_dst_last_pkt_time":72853366,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":192908508,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0770AAIARtrQKAAIPpanijnAJGMoAIIHcR05EED9IAQFUC1FLUlAGUk5BXS\/iNQlw"} -00881{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":13118832,"flow_src_last_pkt_time":15640687,"flow_dst_last_pkt_time":13118832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1073,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1073,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":12876,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63957,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00868{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12446804,"flow_src_last_pkt_time":12446804,"flow_dst_last_pkt_time":12446804,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":314,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":314,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":314,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"0.0.0.0","dst_ip":"255.255.255.255","src_port":68,"dst_port":67,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00863{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12447076,"flow_src_last_pkt_time":12447076,"flow_dst_last_pkt_time":12447076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":548,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":548,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":548,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","src_port":67,"dst_port":68,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":143,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":73299863,"flow_src_last_pkt_time":74939021,"flow_dst_last_pkt_time":75239110,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.201.161","src_port":50256,"dst_port":2886,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00924{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":15,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":13118832,"flow_src_last_pkt_time":15640687,"flow_dst_last_pkt_time":13118832,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1073,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1073,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":12876,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63957,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00911{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12446804,"flow_src_last_pkt_time":12446804,"flow_dst_last_pkt_time":12446804,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":314,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":314,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":314,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"0.0.0.0","dst_ip":"255.255.255.255","src_port":68,"dst_port":67,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00906{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12447076,"flow_src_last_pkt_time":12447076,"flow_dst_last_pkt_time":12447076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":548,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":548,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":548,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","src_port":67,"dst_port":68,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":143,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":73299863,"flow_src_last_pkt_time":74939021,"flow_dst_last_pkt_time":75239110,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.201.161","src_port":50256,"dst_port":2886,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":143,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":73299863,"flow_src_last_pkt_time":74939021,"flow_dst_last_pkt_time":75239110,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.201.161","src_port":50256,"dst_port":2886,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":74329162,"flow_src_last_pkt_time":74395995,"flow_dst_last_pkt_time":74396263,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":503,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":503,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":50262,"dst_port":30577,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00889{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":13118724,"flow_src_last_pkt_time":15640529,"flow_dst_last_pkt_time":13118724,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1091,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1091,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":13092,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63958,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00881{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":15285641,"flow_src_last_pkt_time":21297325,"flow_dst_last_pkt_time":15285641,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":95,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":475,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63960,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -01010{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":72264816,"flow_src_last_pkt_time":72720223,"flow_dst_last_pkt_time":72720433,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":250,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":250,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"27.94.154.53","src_port":50250,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01013{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":72266136,"flow_src_last_pkt_time":72656641,"flow_dst_last_pkt_time":72656770,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":354,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":354,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.202.31.113","src_port":50252,"dst_port":19768,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":153,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":75359834,"flow_src_last_pkt_time":77138763,"flow_dst_last_pkt_time":77504113,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.175.103","src_port":50266,"dst_port":4315,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01055{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":149,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":74329162,"flow_src_last_pkt_time":74395995,"flow_dst_last_pkt_time":74396263,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":503,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":503,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":50262,"dst_port":30577,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00932{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":14,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":13118724,"flow_src_last_pkt_time":15640529,"flow_dst_last_pkt_time":13118724,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1091,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1091,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":13092,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63958,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00924{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":17,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":15285641,"flow_src_last_pkt_time":21297325,"flow_dst_last_pkt_time":15285641,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":95,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":95,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":475,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63960,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +01053{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":119,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":72264816,"flow_src_last_pkt_time":72720223,"flow_dst_last_pkt_time":72720433,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":250,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":250,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"27.94.154.53","src_port":50250,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01056{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":121,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":72266136,"flow_src_last_pkt_time":72656641,"flow_dst_last_pkt_time":72656770,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":354,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":354,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.202.31.113","src_port":50252,"dst_port":19768,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":153,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":75359834,"flow_src_last_pkt_time":77138763,"flow_dst_last_pkt_time":77504113,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.175.103","src_port":50266,"dst_port":4315,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":153,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":75359834,"flow_src_last_pkt_time":77138763,"flow_dst_last_pkt_time":77504113,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.175.103","src_port":50266,"dst_port":4315,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -01010{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":5,"flow_first_seen":63001498,"flow_src_last_pkt_time":78562314,"flow_dst_last_pkt_time":78562499,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":498,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":498,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":50198,"dst_port":9915,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01012{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":74327445,"flow_src_last_pkt_time":74692032,"flow_dst_last_pkt_time":74692032,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":508,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":508,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.90.112","src_port":50259,"dst_port":9852,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01014{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":72266629,"flow_src_last_pkt_time":72906885,"flow_dst_last_pkt_time":72907120,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":504,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":504,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":50253,"dst_port":43508,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00871{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529999,"flow_src_last_pkt_time":12529999,"flow_dst_last_pkt_time":12529999,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00885{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529920,"flow_src_last_pkt_time":12529920,"flow_dst_last_pkt_time":12529920,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122468,"flow_src_last_pkt_time":134428222,"flow_dst_last_pkt_time":101122468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.117.249.98","src_port":28681,"dst_port":6815,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01014{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122346,"flow_src_last_pkt_time":134428360,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.105.27","src_port":28681,"dst_port":19260,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":101162745,"flow_src_last_pkt_time":177166814,"flow_dst_last_pkt_time":177309077,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":556,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":320,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893440,"flow_src_last_pkt_time":95893440,"flow_dst_last_pkt_time":95893440,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.236.200.137","src_port":28681,"dst_port":48142,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01014{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101837355,"flow_src_last_pkt_time":134428529,"flow_dst_last_pkt_time":101837355,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01009{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":325,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049643,"flow_src_last_pkt_time":96049643,"flow_dst_last_pkt_time":96049643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.160.143.48","src_port":28681,"dst_port":37036,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":323,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923574,"flow_src_last_pkt_time":95923574,"flow_dst_last_pkt_time":95923574,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":56070,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01008{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":322,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923521,"flow_src_last_pkt_time":95923521,"flow_dst_last_pkt_time":95923521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.219","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":96049954,"flow_src_last_pkt_time":129345403,"flow_dst_last_pkt_time":96049954,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.28.53.225","src_port":28681,"dst_port":44859,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95893685,"flow_src_last_pkt_time":139669995,"flow_dst_last_pkt_time":139694412,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95923657,"flow_src_last_pkt_time":139669839,"flow_dst_last_pkt_time":139892044,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.250.179.237","src_port":28681,"dst_port":20848,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95893239,"flow_src_last_pkt_time":123877237,"flow_dst_last_pkt_time":123936810,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":101122636,"flow_src_last_pkt_time":168321077,"flow_dst_last_pkt_time":168840075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":324,"flow_dst_tot_l4_payload_len":2413,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.64.44.11","src_port":28681,"dst_port":1352,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":96049781,"flow_src_last_pkt_time":129345276,"flow_dst_last_pkt_time":96049781,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"100.1.231.138","src_port":28681,"dst_port":56558,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01014{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90746756,"flow_src_last_pkt_time":90799453,"flow_dst_last_pkt_time":90799587,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":510,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":510,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":50317,"dst_port":21995,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00877{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":15469932,"flow_src_last_pkt_time":22405999,"flow_dst_last_pkt_time":15469932,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4368,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63964,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01018{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_state":"finished","flow_src_packets_processed":11,"flow_dst_packets_processed":13,"flow_first_seen":90746613,"flow_src_last_pkt_time":91392657,"flow_dst_last_pkt_time":91392753,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1221,"flow_dst_tot_l4_payload_len":2540,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":50316,"dst_port":30566,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01012{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90746142,"flow_src_last_pkt_time":91151301,"flow_dst_last_pkt_time":91150987,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":620,"flow_src_tot_l4_payload_len":1097,"flow_dst_tot_l4_payload_len":620,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":50313,"dst_port":35481,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":84592660,"flow_src_last_pkt_time":85126325,"flow_dst_last_pkt_time":85126546,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":539,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":539,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":50269,"dst_port":3186,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":74328635,"flow_src_last_pkt_time":88170917,"flow_dst_last_pkt_time":88171102,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":597,"flow_dst_max_l4_payload_len":253,"flow_src_tot_l4_payload_len":597,"flow_dst_tot_l4_payload_len":253,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"156.57.42.2","src_port":50261,"dst_port":33476,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01012{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90744462,"flow_src_last_pkt_time":90842155,"flow_dst_last_pkt_time":90842252,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":254,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":254,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.168.34.105","src_port":50304,"dst_port":39908,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01012{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90745391,"flow_src_last_pkt_time":91380000,"flow_dst_last_pkt_time":91380000,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":501,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":501,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":50309,"dst_port":21301,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90745008,"flow_src_last_pkt_time":90863473,"flow_dst_last_pkt_time":90863592,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":491,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":491,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":50307,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_state":"finished","flow_src_packets_processed":11,"flow_dst_packets_processed":14,"flow_first_seen":90747070,"flow_src_last_pkt_time":91396361,"flow_dst_last_pkt_time":91396486,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1221,"flow_dst_tot_l4_payload_len":2553,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":50319,"dst_port":53489,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01013{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90747580,"flow_src_last_pkt_time":90902135,"flow_dst_last_pkt_time":90901928,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":670,"flow_src_tot_l4_payload_len":1103,"flow_dst_tot_l4_payload_len":670,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":50322,"dst_port":55302,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00877{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":0,"flow_first_seen":15284358,"flow_src_last_pkt_time":23969210,"flow_dst_last_pkt_time":15284358,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":101,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":137,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63962,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":237,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":87671915,"flow_src_last_pkt_time":88763863,"flow_dst_last_pkt_time":88801408,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":50283,"dst_port":35004,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01053{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":37,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":5,"flow_first_seen":63001498,"flow_src_last_pkt_time":78562314,"flow_dst_last_pkt_time":78562499,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":498,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":498,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":50198,"dst_port":9915,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":146,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":74327445,"flow_src_last_pkt_time":74692032,"flow_dst_last_pkt_time":74692032,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":508,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":508,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.90.112","src_port":50259,"dst_port":9852,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01057{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":72266629,"flow_src_last_pkt_time":72906885,"flow_dst_last_pkt_time":72907120,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":504,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":504,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":50253,"dst_port":43508,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00914{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":12,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529999,"flow_src_last_pkt_time":12529999,"flow_dst_last_pkt_time":12529999,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00928{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":11,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12529920,"flow_src_last_pkt_time":12529920,"flow_dst_last_pkt_time":12529920,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":63717,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122468,"flow_src_last_pkt_time":134428222,"flow_dst_last_pkt_time":101122468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.117.249.98","src_port":28681,"dst_port":6815,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01057{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122346,"flow_src_last_pkt_time":134428360,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.105.27","src_port":28681,"dst_port":19260,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":101162745,"flow_src_last_pkt_time":177166814,"flow_dst_last_pkt_time":177309077,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":556,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":320,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893440,"flow_src_last_pkt_time":95893440,"flow_dst_last_pkt_time":95893440,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.236.200.137","src_port":28681,"dst_port":48142,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01057{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101837355,"flow_src_last_pkt_time":134428529,"flow_dst_last_pkt_time":101837355,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01052{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":325,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049643,"flow_src_last_pkt_time":96049643,"flow_dst_last_pkt_time":96049643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.160.143.48","src_port":28681,"dst_port":37036,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":323,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923574,"flow_src_last_pkt_time":95923574,"flow_dst_last_pkt_time":95923574,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":56070,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01051{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":322,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923521,"flow_src_last_pkt_time":95923521,"flow_dst_last_pkt_time":95923521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.219","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":96049954,"flow_src_last_pkt_time":129345403,"flow_dst_last_pkt_time":96049954,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.28.53.225","src_port":28681,"dst_port":44859,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95893685,"flow_src_last_pkt_time":139669995,"flow_dst_last_pkt_time":139694412,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95923657,"flow_src_last_pkt_time":139669839,"flow_dst_last_pkt_time":139892044,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.250.179.237","src_port":28681,"dst_port":20848,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95893239,"flow_src_last_pkt_time":123877237,"flow_dst_last_pkt_time":123936810,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":101122636,"flow_src_last_pkt_time":168321077,"flow_dst_last_pkt_time":168840075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":324,"flow_dst_tot_l4_payload_len":2413,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.64.44.11","src_port":28681,"dst_port":1352,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3194,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":96049781,"flow_src_last_pkt_time":129345276,"flow_dst_last_pkt_time":96049781,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":201412576,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"100.1.231.138","src_port":28681,"dst_port":56558,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01057{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":293,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90746756,"flow_src_last_pkt_time":90799453,"flow_dst_last_pkt_time":90799587,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":510,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":510,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":50317,"dst_port":21995,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00920{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":19,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":15469932,"flow_src_last_pkt_time":22405999,"flow_dst_last_pkt_time":15469932,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4368,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63964,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01061{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":292,"flow_state":"finished","flow_src_packets_processed":11,"flow_dst_packets_processed":13,"flow_first_seen":90746613,"flow_src_last_pkt_time":91392657,"flow_dst_last_pkt_time":91392753,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1221,"flow_dst_tot_l4_payload_len":2540,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":50316,"dst_port":30566,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":289,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90746142,"flow_src_last_pkt_time":91151301,"flow_dst_last_pkt_time":91150987,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":620,"flow_src_tot_l4_payload_len":1097,"flow_dst_tot_l4_payload_len":620,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":50313,"dst_port":35481,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":223,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":84592660,"flow_src_last_pkt_time":85126325,"flow_dst_last_pkt_time":85126546,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":539,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":539,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":50269,"dst_port":3186,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":148,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":74328635,"flow_src_last_pkt_time":88170917,"flow_dst_last_pkt_time":88171102,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":597,"flow_dst_max_l4_payload_len":253,"flow_src_tot_l4_payload_len":597,"flow_dst_tot_l4_payload_len":253,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"156.57.42.2","src_port":50261,"dst_port":33476,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":280,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90744462,"flow_src_last_pkt_time":90842155,"flow_dst_last_pkt_time":90842252,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":254,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":254,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.168.34.105","src_port":50304,"dst_port":39908,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":285,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90745391,"flow_src_last_pkt_time":91380000,"flow_dst_last_pkt_time":91380000,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":501,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":501,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":50309,"dst_port":21301,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":283,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90745008,"flow_src_last_pkt_time":90863473,"flow_dst_last_pkt_time":90863592,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":491,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":491,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":50307,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":295,"flow_state":"finished","flow_src_packets_processed":11,"flow_dst_packets_processed":14,"flow_first_seen":90747070,"flow_src_last_pkt_time":91396361,"flow_dst_last_pkt_time":91396486,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1221,"flow_dst_tot_l4_payload_len":2553,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":50319,"dst_port":53489,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01056{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":298,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90747580,"flow_src_last_pkt_time":90902135,"flow_dst_last_pkt_time":90901928,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":670,"flow_src_tot_l4_payload_len":1103,"flow_dst_tot_l4_payload_len":670,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":50322,"dst_port":55302,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00920{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":16,"flow_state":"finished","flow_src_packets_processed":13,"flow_dst_packets_processed":0,"flow_first_seen":15284358,"flow_src_last_pkt_time":23969210,"flow_dst_last_pkt_time":15284358,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":101,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":137,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1601,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63962,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":237,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":87671915,"flow_src_last_pkt_time":88763863,"flow_dst_last_pkt_time":88801408,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":50283,"dst_port":35004,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":237,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":87671915,"flow_src_last_pkt_time":88763863,"flow_dst_last_pkt_time":88801408,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":50283,"dst_port":35004,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00885{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":15469659,"flow_src_last_pkt_time":21843510,"flow_dst_last_pkt_time":15469659,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4368,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63965,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01007{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90739278,"flow_src_last_pkt_time":90905082,"flow_dst_last_pkt_time":91076000,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"97.83.183.148","src_port":50293,"dst_port":8890,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01014{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90747315,"flow_src_last_pkt_time":90792942,"flow_dst_last_pkt_time":90793046,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":518,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":518,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":50320,"dst_port":10825,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01014{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90745170,"flow_src_last_pkt_time":91127242,"flow_dst_last_pkt_time":91126885,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":663,"flow_src_tot_l4_payload_len":1101,"flow_dst_tot_l4_payload_len":663,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":50308,"dst_port":61616,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01013{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90746458,"flow_src_last_pkt_time":91171665,"flow_dst_last_pkt_time":91171376,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":690,"flow_src_tot_l4_payload_len":1099,"flow_dst_tot_l4_payload_len":690,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":50315,"dst_port":26851,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01012{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90744013,"flow_src_last_pkt_time":90809872,"flow_dst_last_pkt_time":90809947,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":515,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":515,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":50303,"dst_port":24562,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01014{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":271,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90740683,"flow_src_last_pkt_time":91277614,"flow_dst_last_pkt_time":91277245,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":663,"flow_src_tot_l4_payload_len":1101,"flow_dst_tot_l4_payload_len":663,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":50295,"dst_port":49732,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01012{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":83805549,"flow_src_last_pkt_time":84251629,"flow_dst_last_pkt_time":84251761,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":539,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":539,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":50267,"dst_port":9239,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01009{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90740151,"flow_src_last_pkt_time":91075404,"flow_dst_last_pkt_time":91408210,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":50294,"dst_port":37058,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90741172,"flow_src_last_pkt_time":90825072,"flow_dst_last_pkt_time":90825175,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":255,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":255,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.58.211.52","src_port":50296,"dst_port":3806,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01013{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90742427,"flow_src_last_pkt_time":91375538,"flow_dst_last_pkt_time":91375677,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":276,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":276,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":50299,"dst_port":1194,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_state":"finished","flow_src_packets_processed":11,"flow_dst_packets_processed":14,"flow_first_seen":90746915,"flow_src_last_pkt_time":91439469,"flow_dst_last_pkt_time":91439719,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1221,"flow_dst_tot_l4_payload_len":2538,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.32.126.214","src_port":50318,"dst_port":59596,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01012{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90741945,"flow_src_last_pkt_time":90864792,"flow_dst_last_pkt_time":90864906,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":265,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":265,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":50298,"dst_port":6578,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00928{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":18,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":15469659,"flow_src_last_pkt_time":21843510,"flow_dst_last_pkt_time":15469659,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":624,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":624,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":4368,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63965,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01050{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":269,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90739278,"flow_src_last_pkt_time":90905082,"flow_dst_last_pkt_time":91076000,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"97.83.183.148","src_port":50293,"dst_port":8890,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01057{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":296,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90747315,"flow_src_last_pkt_time":90792942,"flow_dst_last_pkt_time":90793046,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":518,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":518,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":50320,"dst_port":10825,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01057{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":284,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90745170,"flow_src_last_pkt_time":91127242,"flow_dst_last_pkt_time":91126885,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":663,"flow_src_tot_l4_payload_len":1101,"flow_dst_tot_l4_payload_len":663,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":50308,"dst_port":61616,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01056{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":291,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90746458,"flow_src_last_pkt_time":91171665,"flow_dst_last_pkt_time":91171376,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":690,"flow_src_tot_l4_payload_len":1099,"flow_dst_tot_l4_payload_len":690,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":50315,"dst_port":26851,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":279,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90744013,"flow_src_last_pkt_time":90809872,"flow_dst_last_pkt_time":90809947,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":515,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":515,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":50303,"dst_port":24562,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01057{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":271,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90740683,"flow_src_last_pkt_time":91277614,"flow_dst_last_pkt_time":91277245,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":663,"flow_src_tot_l4_payload_len":1101,"flow_dst_tot_l4_payload_len":663,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":50295,"dst_port":49732,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":221,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":83805549,"flow_src_last_pkt_time":84251629,"flow_dst_last_pkt_time":84251761,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":539,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":539,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":50267,"dst_port":9239,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01052{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":270,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90740151,"flow_src_last_pkt_time":91075404,"flow_dst_last_pkt_time":91408210,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":50294,"dst_port":37058,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":272,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90741172,"flow_src_last_pkt_time":90825072,"flow_dst_last_pkt_time":90825175,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":598,"flow_dst_max_l4_payload_len":255,"flow_src_tot_l4_payload_len":598,"flow_dst_tot_l4_payload_len":255,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.58.211.52","src_port":50296,"dst_port":3806,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01056{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":275,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90742427,"flow_src_last_pkt_time":91375538,"flow_dst_last_pkt_time":91375677,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":276,"flow_src_tot_l4_payload_len":601,"flow_dst_tot_l4_payload_len":276,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":50299,"dst_port":1194,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":294,"flow_state":"finished","flow_src_packets_processed":11,"flow_dst_packets_processed":14,"flow_first_seen":90746915,"flow_src_last_pkt_time":91439469,"flow_dst_last_pkt_time":91439719,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1221,"flow_dst_tot_l4_payload_len":2538,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.32.126.214","src_port":50318,"dst_port":59596,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":274,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90741945,"flow_src_last_pkt_time":90864792,"flow_dst_last_pkt_time":90864906,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":265,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":265,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":50298,"dst_port":6578,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00737{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":290,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":11,"flow_first_seen":90746322,"flow_src_last_pkt_time":90948025,"flow_dst_last_pkt_time":90948025,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":609,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1030,"flow_dst_tot_l4_payload_len":2215,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50314,"dst_port":6888,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -01013{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":84592023,"flow_src_last_pkt_time":85055745,"flow_dst_last_pkt_time":85055956,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":544,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":544,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"210.209.249.84","src_port":50268,"dst_port":24751,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01013{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90741572,"flow_src_last_pkt_time":91414904,"flow_dst_last_pkt_time":91415063,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":303,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":303,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":50297,"dst_port":45710,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01012{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90747782,"flow_src_last_pkt_time":90850056,"flow_dst_last_pkt_time":90850142,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":512,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":512,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":50323,"dst_port":26253,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00837{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":71216656,"flow_src_last_pkt_time":95489541,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00878{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":54,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":65065554,"flow_src_last_pkt_time":65065784,"flow_dst_last_pkt_time":65065554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":146,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":182,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1042,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57623,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +01056{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":222,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":84592023,"flow_src_last_pkt_time":85055745,"flow_dst_last_pkt_time":85055956,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":544,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":544,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"210.209.249.84","src_port":50268,"dst_port":24751,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01056{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":273,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90741572,"flow_src_last_pkt_time":91414904,"flow_dst_last_pkt_time":91415063,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":303,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":303,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":50297,"dst_port":45710,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":299,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90747782,"flow_src_last_pkt_time":90850056,"flow_dst_last_pkt_time":90850142,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":512,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":512,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":50323,"dst_port":26253,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00880{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":71216656,"flow_src_last_pkt_time":95489541,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00921{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":54,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":65065554,"flow_src_last_pkt_time":65065784,"flow_dst_last_pkt_time":65065554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":146,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":182,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1042,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57623,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00738{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":335,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":115369554,"flow_src_last_pkt_time":182706957,"flow_dst_last_pkt_time":183044667,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":78,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":202,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":37058,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00881{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":359,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":160009075,"flow_src_last_pkt_time":163034860,"flow_dst_last_pkt_time":160009075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":51685,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00924{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":359,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":160009075,"flow_src_last_pkt_time":163034860,"flow_dst_last_pkt_time":160009075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":51685,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00721{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61191313,"flow_src_last_pkt_time":61191313,"flow_dst_last_pkt_time":61191313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57619,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00721{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61470563,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57620,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00721{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61999388,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57621,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00721{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3291,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63029620,"flow_src_last_pkt_time":63029620,"flow_dst_last_pkt_time":63029620,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":211646326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57622,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3367,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":369,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":219447137,"flow_src_last_pkt_time":219447137,"flow_dst_last_pkt_time":219447137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":219447137,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.187.171.240","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00528{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3367,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":369,"flow_packet_id":1,"flow_src_last_pkt_time":219447137,"flow_dst_last_pkt_time":219447137,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":81,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":81,"pkt_l4_len":47,"thread_ts_usec":219447137,"pkt":"UlQAEjUCCAAn5uVZCABFAABD+bUAAIARLzoKAAIPWbur8HAJGMoAL2mkIFAxArFAxy3\/Egk2kZ9VAwABABAAAADDA1NDUEECglZDRUdUS0di"} -00835{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":71216656,"flow_src_last_pkt_time":95489541,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00869{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"finished","flow_src_packets_processed":15,"flow_dst_packets_processed":0,"flow_first_seen":12827507,"flow_src_last_pkt_time":41755684,"flow_dst_last_pkt_time":12827507,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":50,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":68,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":966,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":137,"dst_port":137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"NetBIOS","proto_id":"10","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -00871{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232312,"flow_src_last_pkt_time":40630489,"flow_dst_last_pkt_time":40232312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00871{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232582,"flow_src_last_pkt_time":40630451,"flow_dst_last_pkt_time":40232582,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00885{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232223,"flow_src_last_pkt_time":40630373,"flow_dst_last_pkt_time":40232223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01012{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90743161,"flow_src_last_pkt_time":96110816,"flow_dst_last_pkt_time":96110996,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":501,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":501,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":50301,"dst_port":54130,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00885{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":24,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232517,"flow_src_last_pkt_time":40630237,"flow_dst_last_pkt_time":40232517,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01014{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90745788,"flow_src_last_pkt_time":91669101,"flow_dst_last_pkt_time":91668738,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":628,"flow_src_tot_l4_payload_len":1101,"flow_dst_tot_l4_payload_len":628,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":50311,"dst_port":49956,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01009{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90744824,"flow_src_last_pkt_time":91058830,"flow_dst_last_pkt_time":98168368,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.238.145.82","src_port":50306,"dst_port":33527,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01006{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90743600,"flow_src_last_pkt_time":90897166,"flow_dst_last_pkt_time":101917395,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":597,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":597,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.64.6.175","src_port":50302,"dst_port":4743,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":123912514,"flow_src_last_pkt_time":123912514,"flow_dst_last_pkt_time":124065276,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.198.205.196","src_port":28681,"dst_port":20778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":168555545,"flow_src_last_pkt_time":176659427,"flow_dst_last_pkt_time":176694176,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":399,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":28681,"dst_port":9915,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00878{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":71216656,"flow_src_last_pkt_time":95489541,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00912{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":13,"flow_state":"finished","flow_src_packets_processed":15,"flow_dst_packets_processed":0,"flow_first_seen":12827507,"flow_src_last_pkt_time":41755684,"flow_dst_last_pkt_time":12827507,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":50,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":68,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":966,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":137,"dst_port":137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"NetBIOS","proto_id":"10","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00914{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":23,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232312,"flow_src_last_pkt_time":40630489,"flow_dst_last_pkt_time":40232312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00914{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":25,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232582,"flow_src_last_pkt_time":40630451,"flow_dst_last_pkt_time":40232582,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.252","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00928{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":22,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232223,"flow_src_last_pkt_time":40630373,"flow_dst_last_pkt_time":40232223,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":62539,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01055{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":277,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90743161,"flow_src_last_pkt_time":96110816,"flow_dst_last_pkt_time":96110996,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":501,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":501,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":50301,"dst_port":54130,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00928{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":24,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":40232517,"flow_src_last_pkt_time":40630237,"flow_dst_last_pkt_time":40232517,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:3","src_port":50435,"dst_port":5355,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"LLMNR","proto_id":"154","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01057{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":287,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90745788,"flow_src_last_pkt_time":91669101,"flow_dst_last_pkt_time":91668738,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":628,"flow_src_tot_l4_payload_len":1101,"flow_dst_tot_l4_payload_len":628,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":50311,"dst_port":49956,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01052{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":282,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90744824,"flow_src_last_pkt_time":91058830,"flow_dst_last_pkt_time":98168368,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":600,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.238.145.82","src_port":50306,"dst_port":33527,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01049{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":278,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90743600,"flow_src_last_pkt_time":90897166,"flow_dst_last_pkt_time":101917395,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":597,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":597,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.64.6.175","src_port":50302,"dst_port":4743,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":123912514,"flow_src_last_pkt_time":123912514,"flow_dst_last_pkt_time":124065276,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.198.205.196","src_port":28681,"dst_port":20778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":168555545,"flow_src_last_pkt_time":176659427,"flow_dst_last_pkt_time":176694176,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":399,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":28681,"dst_port":9915,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72852470,"flow_src_last_pkt_time":131670910,"flow_dst_last_pkt_time":72852470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72850420,"flow_src_last_pkt_time":191702893,"flow_dst_last_pkt_time":72850420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.141.219.27","src_port":28681,"dst_port":37580,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00729{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71540581,"flow_src_last_pkt_time":191702410,"flow_dst_last_pkt_time":71540581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.23.75.69","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":366,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322734,"flow_src_last_pkt_time":174322734,"flow_dst_last_pkt_time":174322734,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.8.55.158","src_port":28681,"dst_port":51140,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":366,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322734,"flow_src_last_pkt_time":174322734,"flow_dst_last_pkt_time":174322734,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.8.55.158","src_port":28681,"dst_port":51140,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00727{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":88,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230940,"flow_src_last_pkt_time":70230940,"flow_dst_last_pkt_time":70230940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.50.24.2","src_port":28681,"dst_port":17874,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":365,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322199,"flow_src_last_pkt_time":174322199,"flow_dst_last_pkt_time":174322199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.23.24.213","src_port":28681,"dst_port":18561,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":124066131,"flow_src_last_pkt_time":124066131,"flow_dst_last_pkt_time":124181723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49732,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":343,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090579,"flow_src_last_pkt_time":124090579,"flow_dst_last_pkt_time":124090579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.212.91.155","src_port":28681,"dst_port":5195,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01000{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":16487243,"flow_src_last_pkt_time":192636357,"flow_dst_last_pkt_time":16487243,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":603,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":365,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322199,"flow_src_last_pkt_time":174322199,"flow_dst_last_pkt_time":174322199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.23.24.213","src_port":28681,"dst_port":18561,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":124066131,"flow_src_last_pkt_time":124066131,"flow_dst_last_pkt_time":124181723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49732,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":343,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090579,"flow_src_last_pkt_time":124090579,"flow_dst_last_pkt_time":124090579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.212.91.155","src_port":28681,"dst_port":5195,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01043{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":16487243,"flow_src_last_pkt_time":192636357,"flow_dst_last_pkt_time":16487243,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":603,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":96,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535614,"flow_src_last_pkt_time":71535614,"flow_dst_last_pkt_time":71535614,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.160.214.137","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":71541038,"flow_src_last_pkt_time":132832794,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.100","src_port":28681,"dst_port":46385,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090730,"flow_src_last_pkt_time":124090730,"flow_dst_last_pkt_time":124090730,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":28681,"dst_port":6778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090730,"flow_src_last_pkt_time":124090730,"flow_dst_last_pkt_time":124090730,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":28681,"dst_port":6778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":100,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71536922,"flow_src_last_pkt_time":71536922,"flow_dst_last_pkt_time":71536922,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.133.122.217","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71540885,"flow_src_last_pkt_time":191702228,"flow_dst_last_pkt_time":71540885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.120.243.143","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":115,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540687,"flow_src_last_pkt_time":71540687,"flow_dst_last_pkt_time":71540687,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.104","src_port":28681,"dst_port":11804,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -1950,51 +1954,51 @@ 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":98,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":71536330,"flow_src_last_pkt_time":132833488,"flow_dst_last_pkt_time":71536330,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.222.14.170","src_port":28681,"dst_port":23332,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":131,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851488,"flow_src_last_pkt_time":72851488,"flow_dst_last_pkt_time":72851488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.225.140.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71540138,"flow_src_last_pkt_time":191701830,"flow_dst_last_pkt_time":71540138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.65.141.157","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":116628965,"flow_src_last_pkt_time":176285360,"flow_dst_last_pkt_time":176332300,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":480,"flow_dst_tot_l4_payload_len":2287,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":116628965,"flow_src_last_pkt_time":176285360,"flow_dst_last_pkt_time":176332300,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":480,"flow_dst_tot_l4_payload_len":2287,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":106,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538650,"flow_src_last_pkt_time":71538650,"flow_dst_last_pkt_time":71538650,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.39.154.69","src_port":28681,"dst_port":4832,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72853366,"flow_src_last_pkt_time":192908508,"flow_dst_last_pkt_time":72853366,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.226.142","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72853723,"flow_src_last_pkt_time":192908332,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.97.199.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":368,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174343218,"flow_src_last_pkt_time":174343218,"flow_dst_last_pkt_time":174343218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":28681,"dst_port":36728,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00869{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529525,"flow_src_last_pkt_time":43193100,"flow_dst_last_pkt_time":12529525,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.251","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":368,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174343218,"flow_src_last_pkt_time":174343218,"flow_dst_last_pkt_time":174343218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":28681,"dst_port":36728,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00912{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529525,"flow_src_last_pkt_time":43193100,"flow_dst_last_pkt_time":12529525,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.251","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":126,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72849569,"flow_src_last_pkt_time":192908160,"flow_dst_last_pkt_time":72849569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.69.159.133","src_port":28681,"dst_port":28000,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":363,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":168840831,"flow_src_last_pkt_time":174342629,"flow_dst_last_pkt_time":168840831,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":167,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":38297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":363,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":168840831,"flow_src_last_pkt_time":174342629,"flow_dst_last_pkt_time":168840831,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":167,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":38297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":136,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72852834,"flow_src_last_pkt_time":192908239,"flow_dst_last_pkt_time":72852834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.236.247.120","src_port":28681,"dst_port":16047,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00729{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":86,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230444,"flow_src_last_pkt_time":70230444,"flow_dst_last_pkt_time":70230444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.210.244.72","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00729{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230046,"flow_src_last_pkt_time":70230046,"flow_dst_last_pkt_time":70230046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.138.20.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01020{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":362,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":168594778,"flow_src_last_pkt_time":176694790,"flow_dst_last_pkt_time":176963996,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":399,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.192.210.182","src_port":28681,"dst_port":6754,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00883{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529625,"flow_src_last_pkt_time":43193303,"flow_dst_last_pkt_time":12529625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::fb","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01063{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":362,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":168594778,"flow_src_last_pkt_time":176694790,"flow_dst_last_pkt_time":176963996,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":399,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.192.210.182","src_port":28681,"dst_port":6754,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00926{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529625,"flow_src_last_pkt_time":43193303,"flow_dst_last_pkt_time":12529625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::fb","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72852642,"flow_src_last_pkt_time":192907861,"flow_dst_last_pkt_time":72852642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.250.99.158","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":127,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72850054,"flow_src_last_pkt_time":72850054,"flow_dst_last_pkt_time":72850054,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.191.49.159","src_port":28681,"dst_port":1024,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090360,"flow_src_last_pkt_time":124090360,"flow_dst_last_pkt_time":124090360,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.208.26.154","src_port":28681,"dst_port":4994,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090360,"flow_src_last_pkt_time":124090360,"flow_dst_last_pkt_time":124090360,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.208.26.154","src_port":28681,"dst_port":4994,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":112,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540307,"flow_src_last_pkt_time":71540307,"flow_dst_last_pkt_time":71540307,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.213.146","src_port":28681,"dst_port":21750,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":125,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72849111,"flow_src_last_pkt_time":72849111,"flow_dst_last_pkt_time":72849111,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.92.178.182","src_port":28681,"dst_port":57302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":337,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912290,"flow_src_last_pkt_time":123912290,"flow_dst_last_pkt_time":123912290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.116.64.132","src_port":28681,"dst_port":51227,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":337,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912290,"flow_src_last_pkt_time":123912290,"flow_dst_last_pkt_time":123912290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.116.64.132","src_port":28681,"dst_port":51227,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":116,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":71540796,"flow_src_last_pkt_time":191700213,"flow_dst_last_pkt_time":71540796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.44.190.145","src_port":28681,"dst_port":10170,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72852255,"flow_src_last_pkt_time":191701031,"flow_dst_last_pkt_time":72852255,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.175.220.161","src_port":28681,"dst_port":15721,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00728{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":99,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71536631,"flow_src_last_pkt_time":71536631,"flow_dst_last_pkt_time":71536631,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.38.9.82","src_port":28681,"dst_port":24223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":124,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72848739,"flow_src_last_pkt_time":191703012,"flow_dst_last_pkt_time":72848739,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"170.254.19.6","src_port":28681,"dst_port":24180,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00847{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":349,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129210409,"flow_src_last_pkt_time":129210409,"flow_dst_last_pkt_time":129210409,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":117,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":117,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"84.197.97.94","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00890{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":349,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129210409,"flow_src_last_pkt_time":129210409,"flow_dst_last_pkt_time":129210409,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":117,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":117,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"84.197.97.94","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":130,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72851137,"flow_src_last_pkt_time":131668865,"flow_dst_last_pkt_time":72851137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.224.95.97","src_port":28681,"dst_port":46356,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":107,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538933,"flow_src_last_pkt_time":71538933,"flow_dst_last_pkt_time":71538933,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"202.151.63.59","src_port":28681,"dst_port":7624,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":129,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72850779,"flow_src_last_pkt_time":191702525,"flow_dst_last_pkt_time":72850779,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.138.50.179","src_port":28681,"dst_port":29411,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":103,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537931,"flow_src_last_pkt_time":71537931,"flow_dst_last_pkt_time":71537931,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.134.167.82","src_port":28681,"dst_port":5820,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":97,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535977,"flow_src_last_pkt_time":71535977,"flow_dst_last_pkt_time":71535977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":28681,"dst_port":49046,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":104,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538247,"flow_src_last_pkt_time":71538247,"flow_dst_last_pkt_time":71538247,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.98.115.128","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01013{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":360,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":168428692,"flow_src_last_pkt_time":174303640,"flow_dst_last_pkt_time":168428692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":167,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"198.58.218.12","src_port":28681,"dst_port":47912,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00885{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":12461875,"flow_src_last_pkt_time":75501587,"flow_dst_last_pkt_time":12461875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":91,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":91,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":637,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:2","src_port":546,"dst_port":547,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCPV6","proto_id":"103","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":174303564,"flow_src_last_pkt_time":174303564,"flow_dst_last_pkt_time":174323550,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":28681,"dst_port":10825,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01056{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":360,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":168428692,"flow_src_last_pkt_time":174303640,"flow_dst_last_pkt_time":168428692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":167,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"198.58.218.12","src_port":28681,"dst_port":47912,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00928{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":12461875,"flow_src_last_pkt_time":75501587,"flow_dst_last_pkt_time":12461875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":91,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":91,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":637,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:2","src_port":546,"dst_port":547,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCPV6","proto_id":"103","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":174303564,"flow_src_last_pkt_time":174303564,"flow_dst_last_pkt_time":174323550,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":28681,"dst_port":10825,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72853009,"flow_src_last_pkt_time":191702681,"flow_dst_last_pkt_time":72853009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.65.70.197","src_port":28681,"dst_port":21693,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71539473,"flow_src_last_pkt_time":191700841,"flow_dst_last_pkt_time":71539473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.169.2.153","src_port":28681,"dst_port":52414,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72853538,"flow_src_last_pkt_time":192908134,"flow_dst_last_pkt_time":72853538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.197.111.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":102,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537663,"flow_src_last_pkt_time":71537663,"flow_dst_last_pkt_time":71537663,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.39.233","src_port":28681,"dst_port":20855,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":108,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71539248,"flow_src_last_pkt_time":71539248,"flow_dst_last_pkt_time":71539248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.242.110","src_port":28681,"dst_port":7922,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912731,"flow_src_last_pkt_time":123912731,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":54130,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912731,"flow_src_last_pkt_time":123912731,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":54130,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":71540385,"flow_src_last_pkt_time":191701286,"flow_dst_last_pkt_time":71540385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"105.101.132.146","src_port":28681,"dst_port":57746,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00729{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":132,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851799,"flow_src_last_pkt_time":72851799,"flow_dst_last_pkt_time":72851799,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"79.86.173.45","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":341,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124066283,"flow_src_last_pkt_time":124066283,"flow_dst_last_pkt_time":124066283,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.129.233.60","src_port":28681,"dst_port":19990,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":341,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124066283,"flow_src_last_pkt_time":124066283,"flow_dst_last_pkt_time":124066283,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.129.233.60","src_port":28681,"dst_port":19990,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230689,"flow_src_last_pkt_time":70230689,"flow_dst_last_pkt_time":70230689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.131.85.245","src_port":28681,"dst_port":31743,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":110,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71539621,"flow_src_last_pkt_time":71539621,"flow_dst_last_pkt_time":71539621,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.132.75.56","src_port":28681,"dst_port":56009,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":174342792,"flow_src_last_pkt_time":174342792,"flow_dst_last_pkt_time":174648242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":28681,"dst_port":49956,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":174342792,"flow_src_last_pkt_time":174342792,"flow_dst_last_pkt_time":174648242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":28681,"dst_port":49956,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":105,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538408,"flow_src_last_pkt_time":71538408,"flow_dst_last_pkt_time":71538408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3391,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72853189,"flow_src_last_pkt_time":192908402,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"167.114.170.156","src_port":28681,"dst_port":23844,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3451,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":370,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229238441,"flow_src_last_pkt_time":229238441,"flow_dst_last_pkt_time":229238441,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":229238441,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.56.198","src_port":28681,"dst_port":11984,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -2007,9 +2011,9 @@ 00581{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3454,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":373,"flow_packet_id":1,"flow_src_last_pkt_time":229239821,"flow_dst_last_pkt_time":229239821,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":229239821,"pkt":"UlQAEjUCCAAn5uVZCABFAABpd+QAAIARdQcKAAIPWHrpD3AJLOAAVT9CR05EED9MAQFMQVEyUApVRFBdL+I1CXDHjOZsSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} 00729{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3455,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":374,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229240388,"flow_src_last_pkt_time":229240388,"flow_dst_last_pkt_time":229240388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":229240388,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"62.35.190.5","src_port":28681,"dst_port":18604,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00581{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3455,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":374,"flow_packet_id":1,"flow_src_last_pkt_time":229240388,"flow_dst_last_pkt_time":229240388,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":229240388,"pkt":"UlQAEjUCCAAn5uVZCABFAABpQyQAAIAR7ygKAAIPPiO+BXAJSKwAVQDtR05EED9NAQFMQVEyUApVRFBdL+I1CXAx8WVwSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -00875{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":40005419,"flow_src_last_pkt_time":43055141,"flow_dst_last_pkt_time":40005419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":55708,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -00867{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529525,"flow_src_last_pkt_time":43193100,"flow_dst_last_pkt_time":12529525,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.251","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00881{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529625,"flow_src_last_pkt_time":43193303,"flow_dst_last_pkt_time":12529625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::fb","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00918{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":40005419,"flow_src_last_pkt_time":43055141,"flow_dst_last_pkt_time":40005419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":55708,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00910{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529525,"flow_src_last_pkt_time":43193100,"flow_dst_last_pkt_time":12529525,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.251","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00924{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":10,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529625,"flow_src_last_pkt_time":43193303,"flow_dst_last_pkt_time":12529625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::fb","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00729{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":170,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060300,"flow_src_last_pkt_time":82060300,"flow_dst_last_pkt_time":82060300,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82059658,"flow_src_last_pkt_time":131671934,"flow_dst_last_pkt_time":82059658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.59.253.186","src_port":28681,"dst_port":15555,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":183,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82062320,"flow_src_last_pkt_time":131670725,"flow_dst_last_pkt_time":82062320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.15.182","src_port":28681,"dst_port":37829,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -2021,7 +2025,7 @@ 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":353,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":132831233,"flow_src_last_pkt_time":132831233,"flow_dst_last_pkt_time":132831233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.181.151.217","src_port":28681,"dst_port":25282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":220,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":83564038,"flow_src_last_pkt_time":83564038,"flow_dst_last_pkt_time":83804788,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":91,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":91,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":9239,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":83520153,"flow_src_last_pkt_time":192907327,"flow_dst_last_pkt_time":83520153,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.30.86.144","src_port":28681,"dst_port":53821,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":350,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129345202,"flow_src_last_pkt_time":129345202,"flow_dst_last_pkt_time":129345202,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.250.253.99","src_port":28681,"dst_port":11819,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":350,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129345202,"flow_src_last_pkt_time":129345202,"flow_dst_last_pkt_time":129345202,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.250.253.99","src_port":28681,"dst_port":11819,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519791,"flow_src_last_pkt_time":83519791,"flow_dst_last_pkt_time":83519791,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"126.117.45.151","src_port":28681,"dst_port":19323,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":155,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82057536,"flow_src_last_pkt_time":82057536,"flow_dst_last_pkt_time":82057536,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.168.182.103","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":198,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064449,"flow_src_last_pkt_time":82064449,"flow_dst_last_pkt_time":82064449,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.182.171.50","src_port":28681,"dst_port":15180,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -2036,10 +2040,10 @@ 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":187,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82062863,"flow_src_last_pkt_time":191700445,"flow_dst_last_pkt_time":82062863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.88.92.56","src_port":28681,"dst_port":21009,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":190,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82063260,"flow_src_last_pkt_time":191704123,"flow_dst_last_pkt_time":82063260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.195.227","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":206,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066069,"flow_src_last_pkt_time":82066069,"flow_dst_last_pkt_time":82066069,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.166.132.204","src_port":28681,"dst_port":11194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":348,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174578,"flow_src_last_pkt_time":129174578,"flow_dst_last_pkt_time":129174578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.197.97.94","src_port":28681,"dst_port":1360,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":348,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174578,"flow_src_last_pkt_time":129174578,"flow_dst_last_pkt_time":129174578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.197.97.94","src_port":28681,"dst_port":1360,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":203,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065387,"flow_src_last_pkt_time":82065387,"flow_dst_last_pkt_time":82065387,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"120.156.204.38","src_port":28681,"dst_port":54832,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":199,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064635,"flow_src_last_pkt_time":82064635,"flow_dst_last_pkt_time":82064635,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.73.129.26","src_port":28681,"dst_port":53585,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":129174282,"flow_src_last_pkt_time":129174282,"flow_dst_last_pkt_time":129344463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.226.85.105","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":129174282,"flow_src_last_pkt_time":129174282,"flow_dst_last_pkt_time":129344463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.226.85.105","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":207,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066178,"flow_src_last_pkt_time":82066178,"flow_dst_last_pkt_time":82066178,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.242.191.215","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":208,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066316,"flow_src_last_pkt_time":82066316,"flow_dst_last_pkt_time":82066316,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.249.64.215","src_port":28681,"dst_port":25058,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":173,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82060665,"flow_src_last_pkt_time":192907653,"flow_dst_last_pkt_time":82060665,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"121.99.222.36","src_port":28681,"dst_port":44988,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -2057,7 +2061,7 @@ 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":159,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82058634,"flow_src_last_pkt_time":191704243,"flow_dst_last_pkt_time":82058634,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.163.231.160","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":179,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061491,"flow_src_last_pkt_time":82061491,"flow_dst_last_pkt_time":82061491,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"178.51.146.115","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":186,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062738,"flow_src_last_pkt_time":82062738,"flow_dst_last_pkt_time":82062738,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.182.44.202","src_port":28681,"dst_port":30277,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":347,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174425,"flow_src_last_pkt_time":129174425,"flow_dst_last_pkt_time":129174425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.10.169.10","src_port":28681,"dst_port":12799,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":347,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174425,"flow_src_last_pkt_time":129174425,"flow_dst_last_pkt_time":129174425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.10.169.10","src_port":28681,"dst_port":12799,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00728{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83518597,"flow_src_last_pkt_time":83518597,"flow_dst_last_pkt_time":83518597,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.37","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82059773,"flow_src_last_pkt_time":132832598,"flow_dst_last_pkt_time":82059773,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.29.107.176","src_port":28681,"dst_port":20363,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":171,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82060415,"flow_src_last_pkt_time":191701486,"flow_dst_last_pkt_time":82060415,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"196.217.132.111","src_port":28681,"dst_port":25394,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -2085,58 +2089,55 @@ 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82058413,"flow_src_last_pkt_time":82058413,"flow_dst_last_pkt_time":82058413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.166.226.70","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065556,"flow_src_last_pkt_time":82065556,"flow_dst_last_pkt_time":82065556,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.126.240.32","src_port":28681,"dst_port":45313,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3481,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":202,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065172,"flow_src_last_pkt_time":82065172,"flow_dst_last_pkt_time":82065172,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":232090269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.134.139.39","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01010{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":3,"flow_first_seen":90738015,"flow_src_last_pkt_time":106390698,"flow_dst_last_pkt_time":115276904,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.7.155.210","src_port":50291,"dst_port":28365,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00837{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61191313,"flow_src_last_pkt_time":61191313,"flow_dst_last_pkt_time":61191313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57619,"dst_port":5351,"l4_proto":"udp","ndpi": {"confidence": {"1":"Match by port"},"proto":"NAT-PMP","proto_id":"312","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01053{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":3,"flow_first_seen":90738015,"flow_src_last_pkt_time":106390698,"flow_dst_last_pkt_time":115276904,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.7.155.210","src_port":50291,"dst_port":28365,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00719{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61191313,"flow_src_last_pkt_time":61191313,"flow_dst_last_pkt_time":61191313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57619,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00837{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61470563,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57620,"dst_port":5351,"l4_proto":"udp","ndpi": {"confidence": {"1":"Match by port"},"proto":"NAT-PMP","proto_id":"312","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00719{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61470563,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57620,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00837{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61999388,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57621,"dst_port":5351,"l4_proto":"udp","ndpi": {"confidence": {"1":"Match by port"},"proto":"NAT-PMP","proto_id":"312","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00719{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61999388,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57621,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":89829259,"flow_src_last_pkt_time":174145848,"flow_dst_last_pkt_time":174528829,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":556,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.84.178.16","src_port":28681,"dst_port":60262,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":95216801,"flow_src_last_pkt_time":162802551,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.201.208.57","src_port":28681,"dst_port":38617,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":95264476,"flow_src_last_pkt_time":175759013,"flow_dst_last_pkt_time":176255145,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.220.186.140","src_port":28681,"dst_port":27641,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90005361,"flow_src_last_pkt_time":180164844,"flow_dst_last_pkt_time":180196283,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90072633,"flow_src_last_pkt_time":163183918,"flow_dst_last_pkt_time":90072633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.26.216.95","src_port":28681,"dst_port":13889,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":315,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95754583,"flow_src_last_pkt_time":139695067,"flow_dst_last_pkt_time":139756356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.217.84.16","src_port":28681,"dst_port":20223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":358,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139669712,"flow_src_last_pkt_time":139669712,"flow_dst_last_pkt_time":139669712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.224.174.174","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":357,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506403,"flow_src_last_pkt_time":139506403,"flow_dst_last_pkt_time":139506403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.35.85.238","src_port":28681,"dst_port":32173,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":89829259,"flow_src_last_pkt_time":174145848,"flow_dst_last_pkt_time":174528829,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":556,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.84.178.16","src_port":28681,"dst_port":60262,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":95216801,"flow_src_last_pkt_time":162802551,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.201.208.57","src_port":28681,"dst_port":38617,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":95264476,"flow_src_last_pkt_time":175759013,"flow_dst_last_pkt_time":176255145,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.220.186.140","src_port":28681,"dst_port":27641,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":90005361,"flow_src_last_pkt_time":180164844,"flow_dst_last_pkt_time":180196283,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90072633,"flow_src_last_pkt_time":163183918,"flow_dst_last_pkt_time":90072633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.26.216.95","src_port":28681,"dst_port":13889,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":315,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95754583,"flow_src_last_pkt_time":139695067,"flow_dst_last_pkt_time":139756356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.217.84.16","src_port":28681,"dst_port":20223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":358,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139669712,"flow_src_last_pkt_time":139669712,"flow_dst_last_pkt_time":139669712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.224.174.174","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":357,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506403,"flow_src_last_pkt_time":139506403,"flow_dst_last_pkt_time":139506403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.35.85.238","src_port":28681,"dst_port":32173,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":305,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":93713981,"flow_src_last_pkt_time":93713981,"flow_dst_last_pkt_time":93713981,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.168.175.31","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":95443212,"flow_src_last_pkt_time":176333600,"flow_dst_last_pkt_time":176562520,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.240.69.199","src_port":28681,"dst_port":6348,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":95443212,"flow_src_last_pkt_time":176333600,"flow_dst_last_pkt_time":176562520,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.240.69.199","src_port":28681,"dst_port":6348,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":306,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":93714209,"flow_src_last_pkt_time":192907093,"flow_dst_last_pkt_time":93714209,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.249.63.200","src_port":28681,"dst_port":22582,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90184128,"flow_src_last_pkt_time":179814808,"flow_dst_last_pkt_time":180130949,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":561,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90184128,"flow_src_last_pkt_time":179814808,"flow_dst_last_pkt_time":180130949,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":561,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00741{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":304,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90880863,"flow_src_last_pkt_time":176255689,"flow_dst_last_pkt_time":176285010,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":670,"flow_dst_tot_l4_payload_len":3829,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.32.126.214","src_port":28681,"dst_port":59596,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95784533,"flow_src_last_pkt_time":139724985,"flow_dst_last_pkt_time":139896214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.183.183.110","src_port":28681,"dst_port":59920,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95784533,"flow_src_last_pkt_time":139724985,"flow_dst_last_pkt_time":139896214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.183.183.110","src_port":28681,"dst_port":59920,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":88941886,"flow_src_last_pkt_time":179376876,"flow_dst_last_pkt_time":88941886,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":511,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":28681,"dst_port":52367,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90073006,"flow_src_last_pkt_time":174723280,"flow_dst_last_pkt_time":174761998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":561,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95715707,"flow_src_last_pkt_time":139694924,"flow_dst_last_pkt_time":139730332,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.188.98","src_port":28681,"dst_port":62851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":95264285,"flow_src_last_pkt_time":179735999,"flow_dst_last_pkt_time":95264285,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":40137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89967108,"flow_src_last_pkt_time":152618863,"flow_dst_last_pkt_time":89967108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.203.218.92","src_port":28681,"dst_port":56962,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01020{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90072798,"flow_src_last_pkt_time":180323696,"flow_dst_last_pkt_time":180633579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":723,"flow_dst_tot_l4_payload_len":4468,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90073006,"flow_src_last_pkt_time":174723280,"flow_dst_last_pkt_time":174761998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":561,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95715707,"flow_src_last_pkt_time":139694924,"flow_dst_last_pkt_time":139730332,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.188.98","src_port":28681,"dst_port":62851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":95264285,"flow_src_last_pkt_time":179735999,"flow_dst_last_pkt_time":95264285,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":40137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89967108,"flow_src_last_pkt_time":152618863,"flow_dst_last_pkt_time":89967108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.203.218.92","src_port":28681,"dst_port":56962,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01063{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90072798,"flow_src_last_pkt_time":180323696,"flow_dst_last_pkt_time":180633579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":723,"flow_dst_tot_l4_payload_len":4468,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00741{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":300,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":90809634,"flow_src_last_pkt_time":139694982,"flow_dst_last_pkt_time":139723897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":222,"flow_dst_tot_l4_payload_len":1595,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":89966706,"flow_src_last_pkt_time":180634354,"flow_dst_last_pkt_time":180691847,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90039633,"flow_src_last_pkt_time":163151080,"flow_dst_last_pkt_time":90039633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":50297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89966123,"flow_src_last_pkt_time":152619228,"flow_dst_last_pkt_time":89966123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.218","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":163151217,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":356,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":139506262,"flow_src_last_pkt_time":176963996,"flow_dst_last_pkt_time":177166012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":394,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"63.228.175.169","src_port":28681,"dst_port":1936,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":139506098,"flow_src_last_pkt_time":168391152,"flow_dst_last_pkt_time":168554777,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.118.53.212","src_port":28681,"dst_port":29998,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":89966706,"flow_src_last_pkt_time":180634354,"flow_dst_last_pkt_time":180691847,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90039633,"flow_src_last_pkt_time":163151080,"flow_dst_last_pkt_time":90039633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":50297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89966123,"flow_src_last_pkt_time":152619228,"flow_dst_last_pkt_time":89966123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.218","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":163151217,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":356,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":139506262,"flow_src_last_pkt_time":176963996,"flow_dst_last_pkt_time":177166012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":394,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"63.228.175.169","src_port":28681,"dst_port":1936,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":139506098,"flow_src_last_pkt_time":168391152,"flow_dst_last_pkt_time":168554777,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.118.53.212","src_port":28681,"dst_port":29998,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00739{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":303,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":90871417,"flow_src_last_pkt_time":174321941,"flow_dst_last_pkt_time":174341975,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":114,"flow_dst_tot_l4_payload_len":834,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":28681,"dst_port":30566,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":89829104,"flow_src_last_pkt_time":174008534,"flow_dst_last_pkt_time":174144907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":556,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":89829104,"flow_src_last_pkt_time":174008534,"flow_dst_last_pkt_time":174144907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":556,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00738{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":301,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90845230,"flow_src_last_pkt_time":174303687,"flow_dst_last_pkt_time":174321070,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":146,"flow_dst_tot_l4_payload_len":855,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":28681,"dst_port":11852,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01009{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":314,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95754317,"flow_src_last_pkt_time":95754317,"flow_dst_last_pkt_time":95754317,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.237.202.91","src_port":28681,"dst_port":16117,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95784399,"flow_src_last_pkt_time":139782226,"flow_dst_last_pkt_time":139889728,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90138188,"flow_src_last_pkt_time":174723209,"flow_dst_last_pkt_time":175039150,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":561,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01052{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":314,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95754317,"flow_src_last_pkt_time":95754317,"flow_dst_last_pkt_time":95754317,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.237.202.91","src_port":28681,"dst_port":16117,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95784399,"flow_src_last_pkt_time":139782226,"flow_dst_last_pkt_time":139889728,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90138188,"flow_src_last_pkt_time":174723209,"flow_dst_last_pkt_time":175039150,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":561,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00742{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":243,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":9,"flow_first_seen":89016303,"flow_src_last_pkt_time":176563028,"flow_dst_last_pkt_time":176659064,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":824,"flow_dst_tot_l4_payload_len":3953,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95716693,"flow_src_last_pkt_time":139724918,"flow_dst_last_pkt_time":139781413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95716693,"flow_src_last_pkt_time":139724918,"flow_dst_last_pkt_time":139781413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00739{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":302,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":90864578,"flow_src_last_pkt_time":124065911,"flow_dst_last_pkt_time":124089575,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":834,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":28681,"dst_port":53489,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90039406,"flow_src_last_pkt_time":180131681,"flow_dst_last_pkt_time":180164082,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":723,"flow_dst_tot_l4_payload_len":4468,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":152619076,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90138798,"flow_src_last_pkt_time":174723421,"flow_dst_last_pkt_time":90138798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.217.176.52","src_port":28681,"dst_port":7446,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90005045,"flow_src_last_pkt_time":180196993,"flow_dst_last_pkt_time":180322753,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":723,"flow_dst_tot_l4_payload_len":4468,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90004820,"flow_src_last_pkt_time":163118762,"flow_dst_last_pkt_time":90004820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.140.120.41","src_port":28681,"dst_port":47739,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95784128,"flow_src_last_pkt_time":139725014,"flow_dst_last_pkt_time":146329784,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90138420,"flow_src_last_pkt_time":174887033,"flow_dst_last_pkt_time":174930342,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":561,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90183929,"flow_src_last_pkt_time":174679514,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":11603,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01009{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95716226,"flow_src_last_pkt_time":95716226,"flow_dst_last_pkt_time":95716226,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90039406,"flow_src_last_pkt_time":180131681,"flow_dst_last_pkt_time":180164082,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":723,"flow_dst_tot_l4_payload_len":4468,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":152619076,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90138798,"flow_src_last_pkt_time":174723421,"flow_dst_last_pkt_time":90138798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.217.176.52","src_port":28681,"dst_port":7446,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90005045,"flow_src_last_pkt_time":180196993,"flow_dst_last_pkt_time":180322753,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":723,"flow_dst_tot_l4_payload_len":4468,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90004820,"flow_src_last_pkt_time":163118762,"flow_dst_last_pkt_time":90004820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.140.120.41","src_port":28681,"dst_port":47739,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95784128,"flow_src_last_pkt_time":139725014,"flow_dst_last_pkt_time":146329784,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":90138420,"flow_src_last_pkt_time":174887033,"flow_dst_last_pkt_time":174930342,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":561,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90183929,"flow_src_last_pkt_time":174679514,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":11603,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01052{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3580,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95716226,"flow_src_last_pkt_time":95716226,"flow_dst_last_pkt_time":95716226,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":242463037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00731{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3592,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":375,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243615643,"flow_src_last_pkt_time":243615643,"flow_dst_last_pkt_time":243615643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":243615643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.182.136.42","src_port":28681,"dst_port":27873,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00518{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3592,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":375,"flow_packet_id":1,"flow_src_last_pkt_time":243615643,"flow_dst_last_pkt_time":243615643,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":243615643,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4xOkAAIARl9wKAAIPSbaIKnAJbOEAJMFk\/WUxApXeKd\/\/Y1FYXCcaAwABAAUAAADDglFLQA=="} 00729{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3593,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":376,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243615848,"flow_src_last_pkt_time":243615848,"flow_dst_last_pkt_time":243615848,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":243615848,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"156.57.42.2","src_port":28681,"dst_port":33476,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -2392,55 +2393,54 @@ 00898{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":414,"flow_packet_id":2,"flow_src_last_pkt_time":251741183,"flow_dst_last_pkt_time":252054388,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":351,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":351,"pkt_l4_len":317,"thread_ts_usec":252054388,"pkt":"CAAn5uVZUlQAEjUCCABFAAFRCikAAEARFruvtZz0CgACDyA\/cAkBPRaQR05EASwmAQF4nOspZwx09GAJCV7IpZrkwOGyfuucL\/YKSgxA5ul7fKtUoo+BmEVqnEHz4w6DmFpJxQ2LoneAmCrvr076FrIPxLztrlNpZ7EdxKw+W5fmKQLWdjuUO\/SR5kEQ89YS9ZflgSfAzLXPkmy89kNMWCRtJA824U5n1tpM3b1g2yS2Nd0Ig5jgZiDeJq8GYpZ\/Z3v0URXC\/DbZ444gmHmnX+lhup8KiGl7R\/PjVDEmsCOZ7GQ+SyiA1fL1v10UzQBW4LDRdFE0H9gK9VmuD4QYQcxT0+2tT8gKgpiMCwOCLijKg5gF5Z\/yPsmBDVN5yXzfwIgRwtS61CEK9AVbMCQcgAyId4AMiFNAjNaqm2ApiPc8WIIcdRgZGBhi9R+ZGjIxpEgd+fTSj7OAHwDkZn\/e"} 00540{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3837,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":463,"flow_packet_id":2,"flow_src_last_pkt_time":251768320,"flow_dst_last_pkt_time":252237075,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":88,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":88,"pkt_l4_len":54,"thread_ts_usec":252237075,"pkt":"CAAn5uVZUlQAEjUCCABFAABKCisAAEARAJDIB5vSCgACD27NcAkANlqcvVsxAoZuEFj\/eIRjgIUUAwEBABcAAADNbsgHm9IAAAAACAAAAMOCUUtEApadXA=="} 00893{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3838,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":434,"flow_packet_id":2,"flow_src_last_pkt_time":251743326,"flow_dst_last_pkt_time":252481655,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":346,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":346,"pkt_l4_len":312,"thread_ts_usec":252481655,"pkt":"CAAn5uVZUlQAEjUCCABFAAFMCiwAAEAROsxyGLaCCgACD1bYcAkBOFVRR05EAXxtAQF4nOvJYQx09GAJCV7MpZrkwOFSJLGt6UbYMQYgUyupuGFR9A4Q89baZ0k2XvtBzNP3+FapRIMV3Fqi\/rI88ASIWaTGGTQ\/7jCIqfL+6qRvIftAzDutVTcXRR8HMavP1qV5ioC13XbXqbSz2A5W0Jm1NlN3L0TbImkjeYi2tuVBe8QOgZjrt6lzbzQ6AGZunfPFXkEZxCz\/zvboo6oamPltsscdQTDT9o7mx6liTGCnM9nJfJZQABvWr\/Qw3U8FxNy+OaqgRk0brI2v\/+2iaAawNoeNpoui+UDMU9PtrU\/ICoKYjAsDgi4oyoFd9pL5voERI4MDWzDENiDjtpuBeJs8kAHxLZAB8SCc4cES5KjDyMDAEKv\/yNSQiSFF6sinl36cBfwAxlh+fA=="} -00876{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":54,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":65065554,"flow_src_last_pkt_time":65065784,"flow_dst_last_pkt_time":65065554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":146,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":182,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1042,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57623,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":96,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535614,"flow_src_last_pkt_time":71535614,"flow_dst_last_pkt_time":71535614,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.160.214.137","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00919{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":54,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":65065554,"flow_src_last_pkt_time":65065784,"flow_dst_last_pkt_time":65065554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":146,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":182,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1042,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57623,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":96,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535614,"flow_src_last_pkt_time":71535614,"flow_dst_last_pkt_time":71535614,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.160.214.137","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":96,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535614,"flow_src_last_pkt_time":71535614,"flow_dst_last_pkt_time":71535614,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.160.214.137","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":100,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71536922,"flow_src_last_pkt_time":71536922,"flow_dst_last_pkt_time":71536922,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.133.122.217","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":100,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71536922,"flow_src_last_pkt_time":71536922,"flow_dst_last_pkt_time":71536922,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.133.122.217","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":100,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71536922,"flow_src_last_pkt_time":71536922,"flow_dst_last_pkt_time":71536922,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.133.122.217","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":115,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540687,"flow_src_last_pkt_time":71540687,"flow_dst_last_pkt_time":71540687,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.104","src_port":28681,"dst_port":11804,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":115,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540687,"flow_src_last_pkt_time":71540687,"flow_dst_last_pkt_time":71540687,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.104","src_port":28681,"dst_port":11804,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":115,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540687,"flow_src_last_pkt_time":71540687,"flow_dst_last_pkt_time":71540687,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.104","src_port":28681,"dst_port":11804,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":101,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537199,"flow_src_last_pkt_time":71537199,"flow_dst_last_pkt_time":71537199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":101,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537199,"flow_src_last_pkt_time":71537199,"flow_dst_last_pkt_time":71537199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":101,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537199,"flow_src_last_pkt_time":71537199,"flow_dst_last_pkt_time":71537199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01255{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":12,"flow_first_seen":126831784,"flow_src_last_pkt_time":130215321,"flow_dst_last_pkt_time":130215029,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":513,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":513,"flow_dst_tot_l4_payload_len":10365,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50330,"dst_port":46906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}},"12": {"risk":"HTTP Numeric IP Address","severity":"Low","risk_score": {"total":500,"client":450,"server":50}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":106,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538650,"flow_src_last_pkt_time":71538650,"flow_dst_last_pkt_time":71538650,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.39.154.69","src_port":28681,"dst_port":4832,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01298{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":12,"flow_first_seen":126831784,"flow_src_last_pkt_time":130215321,"flow_dst_last_pkt_time":130215029,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":513,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":513,"flow_dst_tot_l4_payload_len":10365,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50330,"dst_port":46906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP Numeric IP Address","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":106,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538650,"flow_src_last_pkt_time":71538650,"flow_dst_last_pkt_time":71538650,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.39.154.69","src_port":28681,"dst_port":4832,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":106,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538650,"flow_src_last_pkt_time":71538650,"flow_dst_last_pkt_time":71538650,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.39.154.69","src_port":28681,"dst_port":4832,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":86,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230444,"flow_src_last_pkt_time":70230444,"flow_dst_last_pkt_time":70230444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.210.244.72","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":86,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230444,"flow_src_last_pkt_time":70230444,"flow_dst_last_pkt_time":70230444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.210.244.72","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":86,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230444,"flow_src_last_pkt_time":70230444,"flow_dst_last_pkt_time":70230444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.210.244.72","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":112,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540307,"flow_src_last_pkt_time":71540307,"flow_dst_last_pkt_time":71540307,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.213.146","src_port":28681,"dst_port":21750,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":112,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540307,"flow_src_last_pkt_time":71540307,"flow_dst_last_pkt_time":71540307,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.213.146","src_port":28681,"dst_port":21750,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":112,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540307,"flow_src_last_pkt_time":71540307,"flow_dst_last_pkt_time":71540307,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.213.146","src_port":28681,"dst_port":21750,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":99,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71536631,"flow_src_last_pkt_time":71536631,"flow_dst_last_pkt_time":71536631,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.38.9.82","src_port":28681,"dst_port":24223,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":99,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71536631,"flow_src_last_pkt_time":71536631,"flow_dst_last_pkt_time":71536631,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.38.9.82","src_port":28681,"dst_port":24223,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":99,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71536631,"flow_src_last_pkt_time":71536631,"flow_dst_last_pkt_time":71536631,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.38.9.82","src_port":28681,"dst_port":24223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00845{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":349,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129210409,"flow_src_last_pkt_time":129210409,"flow_dst_last_pkt_time":129210409,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":117,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":117,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"84.197.97.94","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":107,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538933,"flow_src_last_pkt_time":71538933,"flow_dst_last_pkt_time":71538933,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"202.151.63.59","src_port":28681,"dst_port":7624,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00888{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":349,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129210409,"flow_src_last_pkt_time":129210409,"flow_dst_last_pkt_time":129210409,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":117,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":117,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"84.197.97.94","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":107,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538933,"flow_src_last_pkt_time":71538933,"flow_dst_last_pkt_time":71538933,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"202.151.63.59","src_port":28681,"dst_port":7624,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":107,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538933,"flow_src_last_pkt_time":71538933,"flow_dst_last_pkt_time":71538933,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"202.151.63.59","src_port":28681,"dst_port":7624,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":103,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537931,"flow_src_last_pkt_time":71537931,"flow_dst_last_pkt_time":71537931,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.134.167.82","src_port":28681,"dst_port":5820,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":103,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537931,"flow_src_last_pkt_time":71537931,"flow_dst_last_pkt_time":71537931,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.134.167.82","src_port":28681,"dst_port":5820,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":103,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537931,"flow_src_last_pkt_time":71537931,"flow_dst_last_pkt_time":71537931,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.134.167.82","src_port":28681,"dst_port":5820,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":97,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535977,"flow_src_last_pkt_time":71535977,"flow_dst_last_pkt_time":71535977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":28681,"dst_port":49046,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":97,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535977,"flow_src_last_pkt_time":71535977,"flow_dst_last_pkt_time":71535977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":28681,"dst_port":49046,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":97,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535977,"flow_src_last_pkt_time":71535977,"flow_dst_last_pkt_time":71535977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":28681,"dst_port":49046,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":104,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538247,"flow_src_last_pkt_time":71538247,"flow_dst_last_pkt_time":71538247,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.98.115.128","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":104,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538247,"flow_src_last_pkt_time":71538247,"flow_dst_last_pkt_time":71538247,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.98.115.128","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":104,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538247,"flow_src_last_pkt_time":71538247,"flow_dst_last_pkt_time":71538247,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.98.115.128","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00837{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63029620,"flow_src_last_pkt_time":63029620,"flow_dst_last_pkt_time":63029620,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57622,"dst_port":5351,"l4_proto":"udp","ndpi": {"confidence": {"1":"Match by port"},"proto":"NAT-PMP","proto_id":"312","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00719{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63029620,"flow_src_last_pkt_time":63029620,"flow_dst_last_pkt_time":63029620,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57622,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":102,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537663,"flow_src_last_pkt_time":71537663,"flow_dst_last_pkt_time":71537663,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.39.233","src_port":28681,"dst_port":20855,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":102,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537663,"flow_src_last_pkt_time":71537663,"flow_dst_last_pkt_time":71537663,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.39.233","src_port":28681,"dst_port":20855,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":102,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537663,"flow_src_last_pkt_time":71537663,"flow_dst_last_pkt_time":71537663,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.39.233","src_port":28681,"dst_port":20855,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":110,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71539621,"flow_src_last_pkt_time":71539621,"flow_dst_last_pkt_time":71539621,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.132.75.56","src_port":28681,"dst_port":56009,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":110,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71539621,"flow_src_last_pkt_time":71539621,"flow_dst_last_pkt_time":71539621,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.132.75.56","src_port":28681,"dst_port":56009,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":110,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71539621,"flow_src_last_pkt_time":71539621,"flow_dst_last_pkt_time":71539621,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.132.75.56","src_port":28681,"dst_port":56009,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":105,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538408,"flow_src_last_pkt_time":71538408,"flow_dst_last_pkt_time":71538408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":105,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538408,"flow_src_last_pkt_time":71538408,"flow_dst_last_pkt_time":71538408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":105,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538408,"flow_src_last_pkt_time":71538408,"flow_dst_last_pkt_time":71538408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122468,"flow_src_last_pkt_time":134428222,"flow_dst_last_pkt_time":101122468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.117.249.98","src_port":28681,"dst_port":6815,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01014{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122346,"flow_src_last_pkt_time":134428360,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.105.27","src_port":28681,"dst_port":19260,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":101162745,"flow_src_last_pkt_time":177166814,"flow_dst_last_pkt_time":177309077,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":556,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":320,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893440,"flow_src_last_pkt_time":95893440,"flow_dst_last_pkt_time":95893440,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.236.200.137","src_port":28681,"dst_port":48142,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01014{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":101837355,"flow_src_last_pkt_time":251767811,"flow_dst_last_pkt_time":101837355,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":190,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01009{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":325,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049643,"flow_src_last_pkt_time":96049643,"flow_dst_last_pkt_time":96049643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.160.143.48","src_port":28681,"dst_port":37036,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":323,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923574,"flow_src_last_pkt_time":95923574,"flow_dst_last_pkt_time":95923574,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":56070,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01008{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":322,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923521,"flow_src_last_pkt_time":95923521,"flow_dst_last_pkt_time":95923521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.219","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":96049954,"flow_src_last_pkt_time":129345403,"flow_dst_last_pkt_time":96049954,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.28.53.225","src_port":28681,"dst_port":44859,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95893685,"flow_src_last_pkt_time":251768012,"flow_dst_last_pkt_time":251793606,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":190,"flow_dst_tot_l4_payload_len":1561,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95923657,"flow_src_last_pkt_time":139669839,"flow_dst_last_pkt_time":139892044,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.250.179.237","src_port":28681,"dst_port":20848,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95893239,"flow_src_last_pkt_time":123877237,"flow_dst_last_pkt_time":123936810,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":101122636,"flow_src_last_pkt_time":168321077,"flow_dst_last_pkt_time":168840075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":324,"flow_dst_tot_l4_payload_len":2413,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.64.44.11","src_port":28681,"dst_port":1352,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":96049781,"flow_src_last_pkt_time":129345276,"flow_dst_last_pkt_time":96049781,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"100.1.231.138","src_port":28681,"dst_port":56558,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122468,"flow_src_last_pkt_time":134428222,"flow_dst_last_pkt_time":101122468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.117.249.98","src_port":28681,"dst_port":6815,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01057{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122346,"flow_src_last_pkt_time":134428360,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.105.27","src_port":28681,"dst_port":19260,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":101162745,"flow_src_last_pkt_time":177166814,"flow_dst_last_pkt_time":177309077,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":556,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":320,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893440,"flow_src_last_pkt_time":95893440,"flow_dst_last_pkt_time":95893440,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.236.200.137","src_port":28681,"dst_port":48142,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01057{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":101837355,"flow_src_last_pkt_time":251767811,"flow_dst_last_pkt_time":101837355,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":190,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01052{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":325,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049643,"flow_src_last_pkt_time":96049643,"flow_dst_last_pkt_time":96049643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.160.143.48","src_port":28681,"dst_port":37036,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":323,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923574,"flow_src_last_pkt_time":95923574,"flow_dst_last_pkt_time":95923574,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":56070,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01051{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":322,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923521,"flow_src_last_pkt_time":95923521,"flow_dst_last_pkt_time":95923521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.219","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":96049954,"flow_src_last_pkt_time":129345403,"flow_dst_last_pkt_time":96049954,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.28.53.225","src_port":28681,"dst_port":44859,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95893685,"flow_src_last_pkt_time":251768012,"flow_dst_last_pkt_time":251793606,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":190,"flow_dst_tot_l4_payload_len":1561,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95923657,"flow_src_last_pkt_time":139669839,"flow_dst_last_pkt_time":139892044,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.250.179.237","src_port":28681,"dst_port":20848,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95893239,"flow_src_last_pkt_time":123877237,"flow_dst_last_pkt_time":123936810,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":101122636,"flow_src_last_pkt_time":168321077,"flow_dst_last_pkt_time":168840075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":324,"flow_dst_tot_l4_payload_len":2413,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.64.44.11","src_port":28681,"dst_port":1352,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":96049781,"flow_src_last_pkt_time":129345276,"flow_dst_last_pkt_time":96049781,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":252577509,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"100.1.231.138","src_port":28681,"dst_port":56558,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00921{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3842,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":467,"flow_packet_id":2,"flow_src_last_pkt_time":251769032,"flow_dst_last_pkt_time":252632878,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":369,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":369,"pkt_l4_len":335,"thread_ts_usec":252632878,"pkt":"CAAn5uVZUlQAEjUCCABFAAFjCi8AAEARdNc9QLE1CgACD1uicAkBT2NQR05EAdAzAQF4nOvpZQx09GAJCV7IpZrkwOFi67DRdFE0HwOQqcVkJ\/NZQgHELP\/O9uijqhqIeadf6WG6nwqIWaTGGTQ\/7jBYtLXq5qLo42Bm2\/KgPWKHQMxba58l2XjtB6uV2NZ0I+wYiHnbzUC8TR5smFZSccOi6B1gtUvUX5YHngArCOUOfaR5EMRUeb9I2kh+H9jczqy1mbp7IaJXJ30LAYsWqc9yfSDECGKu3zrni72CMohZfbYuzVMEbFv5t8kedwTBtq3fps690egAiLl9c1RBjZo2iGl7R\/PjVDEmEPPUdHvrE7KCYG18\/W8XRTOAmIwLA4IuKMqDmAXln\/I+yYHVqrxkvm9gxAhhal3qEAU6nS0YYhuQAfEvkAHRAmRANAAZkFDxYAly1GFkYGCI1X9kasjEkCJ15NNLP84CfgD2yolx"} 00917{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3849,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":423,"flow_packet_id":2,"flow_src_last_pkt_time":251742117,"flow_dst_last_pkt_time":252853049,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":364,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":364,"pkt_l4_len":330,"thread_ts_usec":252853049,"pkt":"CAAn5uVZUlQAEjUCCABFAAFeCjQAAEAR5HN39wbiCgACDyXxcAkBSnmHR05EAatVAQF4nOtpYgx09GAJCS65pJLkwOFS\/p3t0UdVNQYg87abgXibPJi5fuucL\/YKyiBmkcS2phthx8BMNc6g+XGHQUytpOKGRdE7QMw7rVU3F0UfBzM7s9Zm6u4Fm7BNnXuj0QEQ8\/Q9vlUq0WATbq19lmTjtR\/EVHm\/SNpIfh9YW9vyoD1ih8BuCOUOfaR5EMSsPluX5ikC1nbbXafSzmI7RNvVSd9CwNrKv032uCMIdq\/tHc2PU8WYwIb1Kz1M91MBizpsNF0UzQd2uvos1wdCjGBtfP1vF0UzgJinpttbn5AVBDEZFwYEXVCUBzELyj\/lfZIDG6bykvm+gREjhKl1qUP0BIMDWzDEx0AGJPCADC0mO5nPEkAGxNEgKbDjPFiCHHUYGRgYYvUfmRoyMaRIHfn00o+zgB8A72GGiA=="} 00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3855,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":172,"flow_packet_id":3,"flow_src_last_pkt_time":253024213,"flow_dst_last_pkt_time":82060552,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":253024213,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0dB4AAIAR1MEKAAIPV0WOhXAJPG8AIABWR05EED+XAQFUC1FLUlAGUk5BXS\/iNQlw"} @@ -2461,15 +2461,15 @@ 00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3870,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":306,"flow_packet_id":3,"flow_src_last_pkt_time":253026052,"flow_dst_last_pkt_time":93714209,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":253026052,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0J3kAAIARnXAKAAIPKfk\/yHAJWDYAIGCJR05EED+mAQFUC1FLUlAGUk5BXS\/iNQlw"} 00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3871,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":213,"flow_packet_id":2,"flow_src_last_pkt_time":253026184,"flow_dst_last_pkt_time":83518597,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":253026184,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0zQYAAIARHcsKAAIPBbQ+JXAJGMoAIMXcR05EED+nAQFUC1FLUlAGUk5BXS\/iNQlw"} 00913{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3872,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":421,"flow_packet_id":2,"flow_src_last_pkt_time":251741922,"flow_dst_last_pkt_time":253031457,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":361,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":361,"pkt_l4_len":327,"thread_ts_usec":253031457,"pkt":"CAAn5uVZUlQAEjUCCABFAAFbCjcAAEARjIuvticLCgACDzKxcAkBR\/IfR05EAUOQAQF4nOtpYgx09GAJCV7IpZrkwOGyfps690aj\/QxA5p3OrLWZuntBzCI1zqD5cYdBTJX3i6SN5PeBmLdDuUMfaR4Eq22turko+jhY1F2n0s5iO4h5a4n6y\/LAEyCmVlJxw6LoHWDRtc+SbLwgVrQtD9ojdghshcS2phthxyBWXJ30LQRsRfXZujRPEYjoS61LHaJgw267GYi3yauBmOXf2R59VIUwv032uCMIZt7pV3qY7qcCtpjJTuazhAKIaXtH8+NUMSYQc\/vmqIIaNW2wNr7+t4uiGcBuUJ\/l+kCIEazWYaPpomg+EJNxYUDQBUV5ELOg\/FPeJzkmiHOY7xsYAdWyBa\/fOueLvQKQAfEZkAFxK0gEHAIgEbCfPFiCHHUYGRgYYvUfmRoyMaRIHfn00o+zgB8AlR+GzA=="} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3962,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":131,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851488,"flow_src_last_pkt_time":72851488,"flow_dst_last_pkt_time":72851488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":261823862,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.225.140.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3962,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":131,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851488,"flow_src_last_pkt_time":72851488,"flow_dst_last_pkt_time":72851488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":261823862,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.225.140.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3962,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":131,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851488,"flow_src_last_pkt_time":72851488,"flow_dst_last_pkt_time":72851488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":261823862,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.225.140.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3962,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":127,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72850054,"flow_src_last_pkt_time":72850054,"flow_dst_last_pkt_time":72850054,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":261823862,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.191.49.159","src_port":28681,"dst_port":1024,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3962,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":127,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72850054,"flow_src_last_pkt_time":72850054,"flow_dst_last_pkt_time":72850054,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":261823862,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.191.49.159","src_port":28681,"dst_port":1024,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3962,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":127,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72850054,"flow_src_last_pkt_time":72850054,"flow_dst_last_pkt_time":72850054,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":261823862,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.191.49.159","src_port":28681,"dst_port":1024,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00883{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3962,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":12461875,"flow_src_last_pkt_time":75501587,"flow_dst_last_pkt_time":12461875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":91,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":91,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":637,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":261823862,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:2","src_port":546,"dst_port":547,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCPV6","proto_id":"103","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3962,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":132,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851799,"flow_src_last_pkt_time":72851799,"flow_dst_last_pkt_time":72851799,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":261823862,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"79.86.173.45","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00926{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3962,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":12461875,"flow_src_last_pkt_time":75501587,"flow_dst_last_pkt_time":12461875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":91,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":91,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":637,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":261823862,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:2","src_port":546,"dst_port":547,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"DHCPV6","proto_id":"103","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3962,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":132,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851799,"flow_src_last_pkt_time":72851799,"flow_dst_last_pkt_time":72851799,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":261823862,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"79.86.173.45","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3962,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":132,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851799,"flow_src_last_pkt_time":72851799,"flow_dst_last_pkt_time":72851799,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":261823862,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"79.86.173.45","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00738{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3962,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":335,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":115369554,"flow_src_last_pkt_time":182706957,"flow_dst_last_pkt_time":183044667,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":78,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":202,"midstream":0,"thread_ts_usec":261823862,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":37058,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00881{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3962,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":359,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":160009075,"flow_src_last_pkt_time":163034860,"flow_dst_last_pkt_time":160009075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":261823862,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":51685,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00924{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3962,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":359,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":160009075,"flow_src_last_pkt_time":163034860,"flow_dst_last_pkt_time":160009075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":261823862,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":51685,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00731{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3982,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":487,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264769233,"flow_src_last_pkt_time":264769233,"flow_dst_last_pkt_time":264769233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":264769233,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":28681,"dst_port":49046,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3982,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":487,"flow_packet_id":1,"flow_src_last_pkt_time":264769233,"flow_dst_last_pkt_time":264769233,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":264769233,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gnUAAIARDSsKAAIPGE6GvHAJv5YAIMPdR05EED+oAQFUC1FLUlAGUk5BXS\/iNQlw"} 00731{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3983,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":488,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264769911,"flow_src_last_pkt_time":264769911,"flow_dst_last_pkt_time":264769911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":264769911,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.90.112","src_port":28681,"dst_port":9852,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -2484,145 +2484,145 @@ 00581{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3987,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":492,"flow_packet_id":1,"flow_src_last_pkt_time":264771658,"flow_dst_last_pkt_time":264771658,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":264771658,"pkt":"UlQAEjUCCAAn5uVZCABFAABpgtwAAIAR1fMKAAIPrF4pR3AJGMoAVRJfR05EED+tAQFMQVEyUApVRFBdL+I1CXB2YrRDSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} 00892{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3996,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":488,"flow_packet_id":2,"flow_src_last_pkt_time":264769911,"flow_dst_last_pkt_time":265025254,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":343,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":343,"pkt_l4_len":309,"thread_ts_usec":265025254,"pkt":"CAAn5uVZUlQAEjUCCABFAAFJCocAAEARUOu3s1pwCgACDyZ8cAkBNf6\/R05EAdfTAQF4nOvJYQx09GAJCd7JpZrkwOGyfXNUQY2aNgOQqcVkJ\/NZQgHELP822eOOoBqIeWuJ+svywBMg5m03A\/E2ebCoyvurk76F7AMxiyS2Nd0IOwZWu\/ZZko3XfhDzTtvyoD1ih8DM1qqbi6KPg5jrt6lzbzQ6ABbtzFqbqbsXbHFSccOi6B0gZvXZujRPkaMQKxZJG8mDrbjtrlNpZ7EdzAzlDn2keRDsSL7+t4uiGcBuUJ\/l+kCIEcS0ddhouiiaH8y8o\/lxqhgTiHlqur31CVlBEJNxYUDQBUV5ELOg\/FPeJzmwApWXzPcNjBghTK1LHaJAH7MFF6lxBs2PAzIgrgUyIOGFzID4yYMlyFGHkYGBIVb\/kakhE0OK1JFPL\/04C\/gBLLx7vA=="} 00889{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3999,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":491,"flow_packet_id":2,"flow_src_last_pkt_time":264771328,"flow_dst_last_pkt_time":265818202,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":345,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":345,"pkt_l4_len":311,"thread_ts_usec":265818202,"pkt":"CAAn5uVZUlQAEjUCCABFAAFLCokAAEARE1Ak6SrSCgACDxWIcAkBNyevR05EASbRAQF4nOtJZAx09GAJCV7HpZrkwOGi8lLrUofoCQYg83Yod+gjzYNgprtOpZ3FdhDzTmfW2kzdvWBma9XNRdHHwcy25UF7xA6BmEVqnEHz4w6DmLfWPkuy8doPYqq8vzrpW8g+EPP0Pb5VKtHHIKKLpI3kwaK3lqi\/LA8EW7x+mzr3RqMDIGb5t8kedwTVQEytpOKGRdE7QMzqs3VpniJgE267GYi3yauCmAXln\/I+yTGCTdg654u9ghKIaeuw0XRRNB\/Ykf1KD9P9VMCGMdnJfJaQB7tXYlvTjTCwYaem21ufkBUEMbdvjiqoUdNmcGALLv\/O9uijKpABCRCQCF\/\/20XRQAbETUAGxGgPliBHHUYGBoZY\/UemhkwMKVJHPr304yzgBwBT3ny5"} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":170,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060300,"flow_src_last_pkt_time":82060300,"flow_dst_last_pkt_time":82060300,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":170,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060300,"flow_src_last_pkt_time":82060300,"flow_dst_last_pkt_time":82060300,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":170,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060300,"flow_src_last_pkt_time":82060300,"flow_dst_last_pkt_time":82060300,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064076,"flow_src_last_pkt_time":82064076,"flow_dst_last_pkt_time":82064076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.127.72.106","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064076,"flow_src_last_pkt_time":82064076,"flow_dst_last_pkt_time":82064076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.127.72.106","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064076,"flow_src_last_pkt_time":82064076,"flow_dst_last_pkt_time":82064076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.127.72.106","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":220,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":83564038,"flow_src_last_pkt_time":83564038,"flow_dst_last_pkt_time":83804788,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":91,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":91,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":9239,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":220,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":83564038,"flow_src_last_pkt_time":83564038,"flow_dst_last_pkt_time":83804788,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":91,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":91,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":9239,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":220,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":83564038,"flow_src_last_pkt_time":83564038,"flow_dst_last_pkt_time":83804788,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":91,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":91,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":9239,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519791,"flow_src_last_pkt_time":83519791,"flow_dst_last_pkt_time":83519791,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"126.117.45.151","src_port":28681,"dst_port":19323,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519791,"flow_src_last_pkt_time":83519791,"flow_dst_last_pkt_time":83519791,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"126.117.45.151","src_port":28681,"dst_port":19323,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519791,"flow_src_last_pkt_time":83519791,"flow_dst_last_pkt_time":83519791,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"126.117.45.151","src_port":28681,"dst_port":19323,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":155,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82057536,"flow_src_last_pkt_time":82057536,"flow_dst_last_pkt_time":82057536,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.168.182.103","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":155,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82057536,"flow_src_last_pkt_time":82057536,"flow_dst_last_pkt_time":82057536,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.168.182.103","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":155,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82057536,"flow_src_last_pkt_time":82057536,"flow_dst_last_pkt_time":82057536,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.168.182.103","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":198,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064449,"flow_src_last_pkt_time":82064449,"flow_dst_last_pkt_time":82064449,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.182.171.50","src_port":28681,"dst_port":15180,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":198,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064449,"flow_src_last_pkt_time":82064449,"flow_dst_last_pkt_time":82064449,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.182.171.50","src_port":28681,"dst_port":15180,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":198,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064449,"flow_src_last_pkt_time":82064449,"flow_dst_last_pkt_time":82064449,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.182.171.50","src_port":28681,"dst_port":15180,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":192,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063492,"flow_src_last_pkt_time":82063492,"flow_dst_last_pkt_time":82063492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.8.59.80","src_port":28681,"dst_port":35192,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":192,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063492,"flow_src_last_pkt_time":82063492,"flow_dst_last_pkt_time":82063492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.8.59.80","src_port":28681,"dst_port":35192,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":192,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063492,"flow_src_last_pkt_time":82063492,"flow_dst_last_pkt_time":82063492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.8.59.80","src_port":28681,"dst_port":35192,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":181,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061887,"flow_src_last_pkt_time":82061887,"flow_dst_last_pkt_time":82061887,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.177.5.135","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":181,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061887,"flow_src_last_pkt_time":82061887,"flow_dst_last_pkt_time":82061887,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.177.5.135","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":181,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061887,"flow_src_last_pkt_time":82061887,"flow_dst_last_pkt_time":82061887,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.177.5.135","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":162,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059148,"flow_src_last_pkt_time":82059148,"flow_dst_last_pkt_time":82059148,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.123.159.111","src_port":28681,"dst_port":44729,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":162,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059148,"flow_src_last_pkt_time":82059148,"flow_dst_last_pkt_time":82059148,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.123.159.111","src_port":28681,"dst_port":44729,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":162,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059148,"flow_src_last_pkt_time":82059148,"flow_dst_last_pkt_time":82059148,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.123.159.111","src_port":28681,"dst_port":44729,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":214,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83518912,"flow_src_last_pkt_time":83518912,"flow_dst_last_pkt_time":83518912,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.169.215.227","src_port":28681,"dst_port":26820,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":214,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83518912,"flow_src_last_pkt_time":83518912,"flow_dst_last_pkt_time":83518912,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.169.215.227","src_port":28681,"dst_port":26820,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":214,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83518912,"flow_src_last_pkt_time":83518912,"flow_dst_last_pkt_time":83518912,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.169.215.227","src_port":28681,"dst_port":26820,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":193,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063616,"flow_src_last_pkt_time":82063616,"flow_dst_last_pkt_time":82063616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.44.126.74","src_port":28681,"dst_port":54633,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":193,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063616,"flow_src_last_pkt_time":82063616,"flow_dst_last_pkt_time":82063616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.44.126.74","src_port":28681,"dst_port":54633,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":193,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063616,"flow_src_last_pkt_time":82063616,"flow_dst_last_pkt_time":82063616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.44.126.74","src_port":28681,"dst_port":54633,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":169,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060041,"flow_src_last_pkt_time":82060041,"flow_dst_last_pkt_time":82060041,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.162.52.93","src_port":28681,"dst_port":34799,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":169,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060041,"flow_src_last_pkt_time":82060041,"flow_dst_last_pkt_time":82060041,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.162.52.93","src_port":28681,"dst_port":34799,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":169,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060041,"flow_src_last_pkt_time":82060041,"flow_dst_last_pkt_time":82060041,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.162.52.93","src_port":28681,"dst_port":34799,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":206,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066069,"flow_src_last_pkt_time":82066069,"flow_dst_last_pkt_time":82066069,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.166.132.204","src_port":28681,"dst_port":11194,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":206,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066069,"flow_src_last_pkt_time":82066069,"flow_dst_last_pkt_time":82066069,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.166.132.204","src_port":28681,"dst_port":11194,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":206,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066069,"flow_src_last_pkt_time":82066069,"flow_dst_last_pkt_time":82066069,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.166.132.204","src_port":28681,"dst_port":11194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":203,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065387,"flow_src_last_pkt_time":82065387,"flow_dst_last_pkt_time":82065387,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"120.156.204.38","src_port":28681,"dst_port":54832,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":203,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065387,"flow_src_last_pkt_time":82065387,"flow_dst_last_pkt_time":82065387,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"120.156.204.38","src_port":28681,"dst_port":54832,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":203,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065387,"flow_src_last_pkt_time":82065387,"flow_dst_last_pkt_time":82065387,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"120.156.204.38","src_port":28681,"dst_port":54832,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":199,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064635,"flow_src_last_pkt_time":82064635,"flow_dst_last_pkt_time":82064635,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.73.129.26","src_port":28681,"dst_port":53585,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":199,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064635,"flow_src_last_pkt_time":82064635,"flow_dst_last_pkt_time":82064635,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.73.129.26","src_port":28681,"dst_port":53585,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":199,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064635,"flow_src_last_pkt_time":82064635,"flow_dst_last_pkt_time":82064635,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.73.129.26","src_port":28681,"dst_port":53585,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00769{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61975321,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":149634575,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":50193,"dst_port":46010,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00812{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61975321,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":149634575,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":50193,"dst_port":46010,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00724{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61975321,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":149634575,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":50193,"dst_port":46010,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":207,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066178,"flow_src_last_pkt_time":82066178,"flow_dst_last_pkt_time":82066178,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.242.191.215","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":207,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066178,"flow_src_last_pkt_time":82066178,"flow_dst_last_pkt_time":82066178,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.242.191.215","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":207,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066178,"flow_src_last_pkt_time":82066178,"flow_dst_last_pkt_time":82066178,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.242.191.215","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":208,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066316,"flow_src_last_pkt_time":82066316,"flow_dst_last_pkt_time":82066316,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.249.64.215","src_port":28681,"dst_port":25058,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":208,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066316,"flow_src_last_pkt_time":82066316,"flow_dst_last_pkt_time":82066316,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.249.64.215","src_port":28681,"dst_port":25058,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":208,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066316,"flow_src_last_pkt_time":82066316,"flow_dst_last_pkt_time":82066316,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.249.64.215","src_port":28681,"dst_port":25058,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":212,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83518339,"flow_src_last_pkt_time":83518339,"flow_dst_last_pkt_time":83518339,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.3.223","src_port":28681,"dst_port":12848,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":212,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83518339,"flow_src_last_pkt_time":83518339,"flow_dst_last_pkt_time":83518339,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.3.223","src_port":28681,"dst_port":12848,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":212,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83518339,"flow_src_last_pkt_time":83518339,"flow_dst_last_pkt_time":83518339,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.3.223","src_port":28681,"dst_port":12848,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":197,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064299,"flow_src_last_pkt_time":82064299,"flow_dst_last_pkt_time":82064299,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"208.92.106.151","src_port":28681,"dst_port":32476,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":197,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064299,"flow_src_last_pkt_time":82064299,"flow_dst_last_pkt_time":82064299,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"208.92.106.151","src_port":28681,"dst_port":32476,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":197,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064299,"flow_src_last_pkt_time":82064299,"flow_dst_last_pkt_time":82064299,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"208.92.106.151","src_port":28681,"dst_port":32476,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059900,"flow_src_last_pkt_time":82059900,"flow_dst_last_pkt_time":82059900,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.157.59.43","src_port":28681,"dst_port":56919,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059900,"flow_src_last_pkt_time":82059900,"flow_dst_last_pkt_time":82059900,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.157.59.43","src_port":28681,"dst_port":56919,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059900,"flow_src_last_pkt_time":82059900,"flow_dst_last_pkt_time":82059900,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.157.59.43","src_port":28681,"dst_port":56919,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61974633,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":149634758,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.140.63.147","src_port":50190,"dst_port":29545,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61974633,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":149634758,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.140.63.147","src_port":50190,"dst_port":29545,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61974633,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":149634758,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.140.63.147","src_port":50190,"dst_port":29545,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":215,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519424,"flow_src_last_pkt_time":83519424,"flow_dst_last_pkt_time":83519424,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.159.27.22","src_port":28681,"dst_port":17563,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":215,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519424,"flow_src_last_pkt_time":83519424,"flow_dst_last_pkt_time":83519424,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.159.27.22","src_port":28681,"dst_port":17563,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":215,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519424,"flow_src_last_pkt_time":83519424,"flow_dst_last_pkt_time":83519424,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.159.27.22","src_port":28681,"dst_port":17563,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":189,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063123,"flow_src_last_pkt_time":82063123,"flow_dst_last_pkt_time":82063123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"115.195.105.243","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":189,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063123,"flow_src_last_pkt_time":82063123,"flow_dst_last_pkt_time":82063123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"115.195.105.243","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":189,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063123,"flow_src_last_pkt_time":82063123,"flow_dst_last_pkt_time":82063123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"115.195.105.243","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00769{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61975137,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":149634682,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.65.87.24","src_port":50192,"dst_port":16201,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00812{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61975137,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":149634682,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.65.87.24","src_port":50192,"dst_port":16201,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00724{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61975137,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":149634682,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.65.87.24","src_port":50192,"dst_port":16201,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":179,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061491,"flow_src_last_pkt_time":82061491,"flow_dst_last_pkt_time":82061491,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"178.51.146.115","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":179,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061491,"flow_src_last_pkt_time":82061491,"flow_dst_last_pkt_time":82061491,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"178.51.146.115","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":179,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061491,"flow_src_last_pkt_time":82061491,"flow_dst_last_pkt_time":82061491,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"178.51.146.115","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":186,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062738,"flow_src_last_pkt_time":82062738,"flow_dst_last_pkt_time":82062738,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.182.44.202","src_port":28681,"dst_port":30277,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":186,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062738,"flow_src_last_pkt_time":82062738,"flow_dst_last_pkt_time":82062738,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.182.44.202","src_port":28681,"dst_port":30277,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":186,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062738,"flow_src_last_pkt_time":82062738,"flow_dst_last_pkt_time":82062738,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.182.44.202","src_port":28681,"dst_port":30277,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":174,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060791,"flow_src_last_pkt_time":82060791,"flow_dst_last_pkt_time":82060791,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"196.74.159.56","src_port":28681,"dst_port":29271,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":174,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060791,"flow_src_last_pkt_time":82060791,"flow_dst_last_pkt_time":82060791,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"196.74.159.56","src_port":28681,"dst_port":29271,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":174,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060791,"flow_src_last_pkt_time":82060791,"flow_dst_last_pkt_time":82060791,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"196.74.159.56","src_port":28681,"dst_port":29271,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61974915,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":149634723,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":50191,"dst_port":6778,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61974915,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":149634723,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":50191,"dst_port":6778,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":8,"flow_first_seen":61974915,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":149634723,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":50191,"dst_port":6778,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":205,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065828,"flow_src_last_pkt_time":82065828,"flow_dst_last_pkt_time":82065828,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.29.197.138","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":205,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065828,"flow_src_last_pkt_time":82065828,"flow_dst_last_pkt_time":82065828,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.29.197.138","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":205,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065828,"flow_src_last_pkt_time":82065828,"flow_dst_last_pkt_time":82065828,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.29.197.138","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":210,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83517645,"flow_src_last_pkt_time":83517645,"flow_dst_last_pkt_time":83517645,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.100.120.146","src_port":28681,"dst_port":12838,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":210,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83517645,"flow_src_last_pkt_time":83517645,"flow_dst_last_pkt_time":83517645,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.100.120.146","src_port":28681,"dst_port":12838,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":210,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83517645,"flow_src_last_pkt_time":83517645,"flow_dst_last_pkt_time":83517645,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.100.120.146","src_port":28681,"dst_port":12838,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":218,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519999,"flow_src_last_pkt_time":83519999,"flow_dst_last_pkt_time":83519999,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.155.52.115","src_port":28681,"dst_port":53956,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":218,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519999,"flow_src_last_pkt_time":83519999,"flow_dst_last_pkt_time":83519999,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.155.52.115","src_port":28681,"dst_port":53956,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":218,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519999,"flow_src_last_pkt_time":83519999,"flow_dst_last_pkt_time":83519999,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.155.52.115","src_port":28681,"dst_port":53956,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":211,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83517985,"flow_src_last_pkt_time":83517985,"flow_dst_last_pkt_time":83517985,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"186.93.139.92","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":211,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83517985,"flow_src_last_pkt_time":83517985,"flow_dst_last_pkt_time":83517985,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"186.93.139.92","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":211,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83517985,"flow_src_last_pkt_time":83517985,"flow_dst_last_pkt_time":83517985,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"186.93.139.92","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":154,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82057279,"flow_src_last_pkt_time":82057279,"flow_dst_last_pkt_time":82057279,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"174.115.111.224","src_port":28681,"dst_port":51984,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":154,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82057279,"flow_src_last_pkt_time":82057279,"flow_dst_last_pkt_time":82057279,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"174.115.111.224","src_port":28681,"dst_port":51984,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":154,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82057279,"flow_src_last_pkt_time":82057279,"flow_dst_last_pkt_time":82057279,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"174.115.111.224","src_port":28681,"dst_port":51984,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":201,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065036,"flow_src_last_pkt_time":82065036,"flow_dst_last_pkt_time":82065036,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.170.209.214","src_port":28681,"dst_port":46210,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":201,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065036,"flow_src_last_pkt_time":82065036,"flow_dst_last_pkt_time":82065036,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.170.209.214","src_port":28681,"dst_port":46210,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":201,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065036,"flow_src_last_pkt_time":82065036,"flow_dst_last_pkt_time":82065036,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.170.209.214","src_port":28681,"dst_port":46210,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":194,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063782,"flow_src_last_pkt_time":82063782,"flow_dst_last_pkt_time":82063782,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.150.126.156","src_port":28681,"dst_port":16471,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":194,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063782,"flow_src_last_pkt_time":82063782,"flow_dst_last_pkt_time":82063782,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.150.126.156","src_port":28681,"dst_port":16471,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":194,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063782,"flow_src_last_pkt_time":82063782,"flow_dst_last_pkt_time":82063782,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.150.126.156","src_port":28681,"dst_port":16471,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":178,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061374,"flow_src_last_pkt_time":82061374,"flow_dst_last_pkt_time":82061374,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.46.253.7","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":178,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061374,"flow_src_last_pkt_time":82061374,"flow_dst_last_pkt_time":82061374,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.46.253.7","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":178,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061374,"flow_src_last_pkt_time":82061374,"flow_dst_last_pkt_time":82061374,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.46.253.7","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":216,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519593,"flow_src_last_pkt_time":83519593,"flow_dst_last_pkt_time":83519593,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"212.68.248.153","src_port":28681,"dst_port":27223,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":216,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519593,"flow_src_last_pkt_time":83519593,"flow_dst_last_pkt_time":83519593,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"212.68.248.153","src_port":28681,"dst_port":27223,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":216,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519593,"flow_src_last_pkt_time":83519593,"flow_dst_last_pkt_time":83519593,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"212.68.248.153","src_port":28681,"dst_port":27223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065556,"flow_src_last_pkt_time":82065556,"flow_dst_last_pkt_time":82065556,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.126.240.32","src_port":28681,"dst_port":45313,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065556,"flow_src_last_pkt_time":82065556,"flow_dst_last_pkt_time":82065556,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.126.240.32","src_port":28681,"dst_port":45313,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065556,"flow_src_last_pkt_time":82065556,"flow_dst_last_pkt_time":82065556,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.126.240.32","src_port":28681,"dst_port":45313,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":202,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065172,"flow_src_last_pkt_time":82065172,"flow_dst_last_pkt_time":82065172,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.134.139.39","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":202,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065172,"flow_src_last_pkt_time":82065172,"flow_dst_last_pkt_time":82065172,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.134.139.39","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":202,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065172,"flow_src_last_pkt_time":82065172,"flow_dst_last_pkt_time":82065172,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.134.139.39","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":123912514,"flow_src_last_pkt_time":123912514,"flow_dst_last_pkt_time":124065276,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.198.205.196","src_port":28681,"dst_port":20778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":168555545,"flow_src_last_pkt_time":176659427,"flow_dst_last_pkt_time":176694176,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":399,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":28681,"dst_port":9915,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":123912514,"flow_src_last_pkt_time":123912514,"flow_dst_last_pkt_time":124065276,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.198.205.196","src_port":28681,"dst_port":20778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":168555545,"flow_src_last_pkt_time":176659427,"flow_dst_last_pkt_time":176694176,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":399,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":28681,"dst_port":9915,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72852470,"flow_src_last_pkt_time":131670910,"flow_dst_last_pkt_time":72852470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72850420,"flow_src_last_pkt_time":251736997,"flow_dst_last_pkt_time":72850420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.141.219.27","src_port":28681,"dst_port":37580,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00729{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71540581,"flow_src_last_pkt_time":191702410,"flow_dst_last_pkt_time":71540581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.23.75.69","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":366,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322734,"flow_src_last_pkt_time":174322734,"flow_dst_last_pkt_time":174322734,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.8.55.158","src_port":28681,"dst_port":51140,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":366,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322734,"flow_src_last_pkt_time":174322734,"flow_dst_last_pkt_time":174322734,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.8.55.158","src_port":28681,"dst_port":51140,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00728{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":88,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":70230940,"flow_src_last_pkt_time":251740913,"flow_dst_last_pkt_time":70230940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.50.24.2","src_port":28681,"dst_port":17874,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":365,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322199,"flow_src_last_pkt_time":174322199,"flow_dst_last_pkt_time":174322199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.23.24.213","src_port":28681,"dst_port":18561,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":124066131,"flow_src_last_pkt_time":124066131,"flow_dst_last_pkt_time":124181723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49732,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":343,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090579,"flow_src_last_pkt_time":124090579,"flow_dst_last_pkt_time":124090579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.212.91.155","src_port":28681,"dst_port":5195,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01000{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":16487243,"flow_src_last_pkt_time":192636357,"flow_dst_last_pkt_time":16487243,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":603,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":365,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322199,"flow_src_last_pkt_time":174322199,"flow_dst_last_pkt_time":174322199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.23.24.213","src_port":28681,"dst_port":18561,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":124066131,"flow_src_last_pkt_time":124066131,"flow_dst_last_pkt_time":124181723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49732,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":343,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090579,"flow_src_last_pkt_time":124090579,"flow_dst_last_pkt_time":124090579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.212.91.155","src_port":28681,"dst_port":5195,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01043{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":16487243,"flow_src_last_pkt_time":192636357,"flow_dst_last_pkt_time":16487243,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":603,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71541038,"flow_src_last_pkt_time":253024996,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.100","src_port":28681,"dst_port":46385,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":124090730,"flow_src_last_pkt_time":251763582,"flow_dst_last_pkt_time":251868720,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":28681,"dst_port":6778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":124090730,"flow_src_last_pkt_time":251763582,"flow_dst_last_pkt_time":251868720,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":28681,"dst_port":6778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":71540885,"flow_src_last_pkt_time":251737212,"flow_dst_last_pkt_time":71540885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.120.243.143","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":98,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":71536330,"flow_src_last_pkt_time":243620132,"flow_dst_last_pkt_time":243855304,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":76,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.222.14.170","src_port":28681,"dst_port":23332,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":71540138,"flow_src_last_pkt_time":251736500,"flow_dst_last_pkt_time":71540138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.65.141.157","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":116628965,"flow_src_last_pkt_time":176285360,"flow_dst_last_pkt_time":176332300,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":480,"flow_dst_tot_l4_payload_len":2287,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":116628965,"flow_src_last_pkt_time":176285360,"flow_dst_last_pkt_time":176332300,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":480,"flow_dst_tot_l4_payload_len":2287,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72853366,"flow_src_last_pkt_time":251737686,"flow_dst_last_pkt_time":72853366,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.226.142","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72853723,"flow_src_last_pkt_time":251737596,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.97.199.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":368,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174343218,"flow_src_last_pkt_time":174343218,"flow_dst_last_pkt_time":174343218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":28681,"dst_port":36728,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":368,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174343218,"flow_src_last_pkt_time":174343218,"flow_dst_last_pkt_time":174343218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":28681,"dst_port":36728,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":126,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72849569,"flow_src_last_pkt_time":253023892,"flow_dst_last_pkt_time":72849569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.69.159.133","src_port":28681,"dst_port":28000,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":363,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":168840831,"flow_src_last_pkt_time":174342629,"flow_dst_last_pkt_time":168840831,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":167,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":38297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":363,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":168840831,"flow_src_last_pkt_time":174342629,"flow_dst_last_pkt_time":168840831,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":167,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":38297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":136,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72852834,"flow_src_last_pkt_time":192908239,"flow_dst_last_pkt_time":72852834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.236.247.120","src_port":28681,"dst_port":16047,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":70230046,"flow_src_last_pkt_time":251769302,"flow_dst_last_pkt_time":70230046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.138.20.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01020{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":362,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":168594778,"flow_src_last_pkt_time":176694790,"flow_dst_last_pkt_time":176963996,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":399,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.192.210.182","src_port":28681,"dst_port":6754,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01063{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":362,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":168594778,"flow_src_last_pkt_time":176694790,"flow_dst_last_pkt_time":176963996,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":399,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.192.210.182","src_port":28681,"dst_port":6754,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72852642,"flow_src_last_pkt_time":251736857,"flow_dst_last_pkt_time":72852642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.250.99.158","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090360,"flow_src_last_pkt_time":124090360,"flow_dst_last_pkt_time":124090360,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.208.26.154","src_port":28681,"dst_port":4994,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090360,"flow_src_last_pkt_time":124090360,"flow_dst_last_pkt_time":124090360,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.208.26.154","src_port":28681,"dst_port":4994,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":369,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":219447137,"flow_src_last_pkt_time":219447137,"flow_dst_last_pkt_time":219447137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.187.171.240","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":125,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72849111,"flow_src_last_pkt_time":251742741,"flow_dst_last_pkt_time":72849111,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.92.178.182","src_port":28681,"dst_port":57302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":337,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912290,"flow_src_last_pkt_time":123912290,"flow_dst_last_pkt_time":123912290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.116.64.132","src_port":28681,"dst_port":51227,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":337,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912290,"flow_src_last_pkt_time":123912290,"flow_dst_last_pkt_time":123912290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.116.64.132","src_port":28681,"dst_port":51227,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":116,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71540796,"flow_src_last_pkt_time":251737185,"flow_dst_last_pkt_time":71540796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.44.190.145","src_port":28681,"dst_port":10170,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72852255,"flow_src_last_pkt_time":251737327,"flow_dst_last_pkt_time":72852255,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.175.220.161","src_port":28681,"dst_port":15721,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":124,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72848739,"flow_src_last_pkt_time":251738527,"flow_dst_last_pkt_time":72848739,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"170.254.19.6","src_port":28681,"dst_port":24180,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":130,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72851137,"flow_src_last_pkt_time":131668865,"flow_dst_last_pkt_time":72851137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.224.95.97","src_port":28681,"dst_port":46356,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":129,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72850779,"flow_src_last_pkt_time":251738105,"flow_dst_last_pkt_time":72850779,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.138.50.179","src_port":28681,"dst_port":29411,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01013{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":360,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":168428692,"flow_src_last_pkt_time":174303640,"flow_dst_last_pkt_time":168428692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":167,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"198.58.218.12","src_port":28681,"dst_port":47912,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":174303564,"flow_src_last_pkt_time":174303564,"flow_dst_last_pkt_time":174323550,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":28681,"dst_port":10825,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01056{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":360,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":168428692,"flow_src_last_pkt_time":174303640,"flow_dst_last_pkt_time":168428692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":167,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"198.58.218.12","src_port":28681,"dst_port":47912,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":174303564,"flow_src_last_pkt_time":174303564,"flow_dst_last_pkt_time":174323550,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":28681,"dst_port":10825,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72853009,"flow_src_last_pkt_time":253024867,"flow_dst_last_pkt_time":72853009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.65.70.197","src_port":28681,"dst_port":21693,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":71539473,"flow_src_last_pkt_time":251736271,"flow_dst_last_pkt_time":71539473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.169.2.153","src_port":28681,"dst_port":52414,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72853538,"flow_src_last_pkt_time":253024455,"flow_dst_last_pkt_time":72853538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.197.111.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":108,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":71539248,"flow_src_last_pkt_time":251739950,"flow_dst_last_pkt_time":71539248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.242.110","src_port":28681,"dst_port":7922,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912731,"flow_src_last_pkt_time":123912731,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":54130,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912731,"flow_src_last_pkt_time":123912731,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":54130,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71540385,"flow_src_last_pkt_time":253024371,"flow_dst_last_pkt_time":71540385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"105.101.132.146","src_port":28681,"dst_port":57746,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":341,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124066283,"flow_src_last_pkt_time":124066283,"flow_dst_last_pkt_time":124066283,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.129.233.60","src_port":28681,"dst_port":19990,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":341,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124066283,"flow_src_last_pkt_time":124066283,"flow_dst_last_pkt_time":124066283,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.129.233.60","src_port":28681,"dst_port":19990,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":70230689,"flow_src_last_pkt_time":251740802,"flow_dst_last_pkt_time":70230689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.131.85.245","src_port":28681,"dst_port":31743,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":174342792,"flow_src_last_pkt_time":174342792,"flow_dst_last_pkt_time":174648242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":28681,"dst_port":49956,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":174342792,"flow_src_last_pkt_time":174342792,"flow_dst_last_pkt_time":174648242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":28681,"dst_port":49956,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72853189,"flow_src_last_pkt_time":192908402,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":272055311,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"167.114.170.156","src_port":28681,"dst_port":23844,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":4128,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":493,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":280014541,"flow_src_last_pkt_time":280014541,"flow_dst_last_pkt_time":280014541,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":174,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":280014541,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57552,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00715{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4128,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":493,"flow_packet_id":1,"flow_src_last_pkt_time":280014541,"flow_dst_last_pkt_time":280014541,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":216,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":216,"pkt_l4_len":182,"thread_ts_usec":280014541,"pkt":"AQBef\/\/6CAAn5uVZCABFAADK4LMAAAER3GYKAAIP7\/\/\/+uDQB2wAtgxeTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANCk1BTjogInNzZHA6ZGlzY292ZXIiDQpNWDogMQ0KU1Q6IHVybjpkaWFsLW11bHRpc2NyZWVuLW9yZzpzZXJ2aWNlOmRpYWw6MQ0KVVNFUi1BR0VOVDogTWljcm9zb2Z0IEVkZ2UvOTkuMC4xMTUwLjMwIFdpbmRvd3MNCg0K"} -00874{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":4128,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":493,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":280014541,"flow_src_last_pkt_time":280014541,"flow_dst_last_pkt_time":280014541,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":174,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":280014541,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57552,"dst_port":1900,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"239.255.255.250:1900"}} +00917{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":4128,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":493,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":280014541,"flow_src_last_pkt_time":280014541,"flow_dst_last_pkt_time":280014541,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":174,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":280014541,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57552,"dst_port":1900,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"239.255.255.250:1900"}} 00715{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4138,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":493,"flow_packet_id":2,"flow_src_last_pkt_time":281023645,"flow_dst_last_pkt_time":280014541,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":216,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":216,"pkt_l4_len":182,"thread_ts_usec":281023645,"pkt":"AQBef\/\/6CAAn5uVZCABFAADK4LQAAAER3GUKAAIP7\/\/\/+uDQB2wAtgxeTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANCk1BTjogInNzZHA6ZGlzY292ZXIiDQpNWDogMQ0KU1Q6IHVybjpkaWFsLW11bHRpc2NyZWVuLW9yZzpzZXJ2aWNlOmRpYWw6MQ0KVVNFUi1BR0VOVDogTWljcm9zb2Z0IEVkZ2UvOTkuMC4xMTUwLjMwIFdpbmRvd3MNCg0K"} 00715{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4148,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":493,"flow_packet_id":3,"flow_src_last_pkt_time":282039687,"flow_dst_last_pkt_time":280014541,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":216,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":216,"pkt_l4_len":182,"thread_ts_usec":282039687,"pkt":"AQBef\/\/6CAAn5uVZCABFAADK4LUAAAER3GQKAAIP7\/\/\/+uDQB2wAtgxeTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANCk1BTjogInNzZHA6ZGlzY292ZXIiDQpNWDogMQ0KU1Q6IHVybjpkaWFsLW11bHRpc2NyZWVuLW9yZzpzZXJ2aWNlOmRpYWw6MQ0KVVNFUi1BR0VOVDogTWljcm9zb2Z0IEVkZ2UvOTkuMC4xMTUwLjMwIFdpbmRvd3MNCg0K"} -01009{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":320,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893440,"flow_src_last_pkt_time":95893440,"flow_dst_last_pkt_time":95893440,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.236.200.137","src_port":28681,"dst_port":48142,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01007{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":325,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049643,"flow_src_last_pkt_time":96049643,"flow_dst_last_pkt_time":96049643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.160.143.48","src_port":28681,"dst_port":37036,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":305,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":93713981,"flow_src_last_pkt_time":93713981,"flow_dst_last_pkt_time":93713981,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.168.175.31","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01052{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":320,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893440,"flow_src_last_pkt_time":95893440,"flow_dst_last_pkt_time":95893440,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.236.200.137","src_port":28681,"dst_port":48142,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01050{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":325,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049643,"flow_src_last_pkt_time":96049643,"flow_dst_last_pkt_time":96049643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.160.143.48","src_port":28681,"dst_port":37036,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":305,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":93713981,"flow_src_last_pkt_time":93713981,"flow_dst_last_pkt_time":93713981,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.168.175.31","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":305,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":93713981,"flow_src_last_pkt_time":93713981,"flow_dst_last_pkt_time":93713981,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.168.175.31","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01008{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":323,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923574,"flow_src_last_pkt_time":95923574,"flow_dst_last_pkt_time":95923574,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":56070,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01006{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":322,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923521,"flow_src_last_pkt_time":95923521,"flow_dst_last_pkt_time":95923521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.219","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01007{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":314,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95754317,"flow_src_last_pkt_time":95754317,"flow_dst_last_pkt_time":95754317,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.237.202.91","src_port":28681,"dst_port":16117,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01051{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":323,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923574,"flow_src_last_pkt_time":95923574,"flow_dst_last_pkt_time":95923574,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":56070,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01049{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":322,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923521,"flow_src_last_pkt_time":95923521,"flow_dst_last_pkt_time":95923521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.219","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01050{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":314,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95754317,"flow_src_last_pkt_time":95754317,"flow_dst_last_pkt_time":95754317,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.237.202.91","src_port":28681,"dst_port":16117,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82059658,"flow_src_last_pkt_time":251735454,"flow_dst_last_pkt_time":82059658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.59.253.186","src_port":28681,"dst_port":15555,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":183,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82062320,"flow_src_last_pkt_time":251737467,"flow_dst_last_pkt_time":82062320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.15.182","src_port":28681,"dst_port":37829,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":184,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82062444,"flow_src_last_pkt_time":191703548,"flow_dst_last_pkt_time":82062444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.239.62.213","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -2631,14 +2631,14 @@ 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":195,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":82063897,"flow_src_last_pkt_time":253025614,"flow_dst_last_pkt_time":82063897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"177.231.151.16","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":353,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":132831233,"flow_src_last_pkt_time":132831233,"flow_dst_last_pkt_time":132831233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.181.151.217","src_port":28681,"dst_port":25282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":83520153,"flow_src_last_pkt_time":253025967,"flow_dst_last_pkt_time":83520153,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.30.86.144","src_port":28681,"dst_port":53821,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":350,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129345202,"flow_src_last_pkt_time":129345202,"flow_dst_last_pkt_time":129345202,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.250.253.99","src_port":28681,"dst_port":11819,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":350,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129345202,"flow_src_last_pkt_time":129345202,"flow_dst_last_pkt_time":129345202,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.250.253.99","src_port":28681,"dst_port":11819,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":191,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82063378,"flow_src_last_pkt_time":251735642,"flow_dst_last_pkt_time":82063378,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.153.143.54","src_port":28681,"dst_port":65535,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":172,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82060552,"flow_src_last_pkt_time":253024213,"flow_dst_last_pkt_time":82060552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.69.142.133","src_port":28681,"dst_port":15471,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":371,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229238800,"flow_src_last_pkt_time":229238800,"flow_dst_last_pkt_time":229238800,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.131.202.24","src_port":28681,"dst_port":44748,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":187,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82062863,"flow_src_last_pkt_time":191700445,"flow_dst_last_pkt_time":82062863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.88.92.56","src_port":28681,"dst_port":21009,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":190,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82063260,"flow_src_last_pkt_time":251737771,"flow_dst_last_pkt_time":82063260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.195.227","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":348,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174578,"flow_src_last_pkt_time":129174578,"flow_dst_last_pkt_time":129174578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.197.97.94","src_port":28681,"dst_port":1360,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":129174282,"flow_src_last_pkt_time":129174282,"flow_dst_last_pkt_time":129344463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.226.85.105","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":348,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174578,"flow_src_last_pkt_time":129174578,"flow_dst_last_pkt_time":129174578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.197.97.94","src_port":28681,"dst_port":1360,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":129174282,"flow_src_last_pkt_time":129174282,"flow_dst_last_pkt_time":129344463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.226.85.105","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":370,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229238441,"flow_src_last_pkt_time":229238441,"flow_dst_last_pkt_time":229238441,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.56.198","src_port":28681,"dst_port":11984,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":173,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82060665,"flow_src_last_pkt_time":192907653,"flow_dst_last_pkt_time":82060665,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"121.99.222.36","src_port":28681,"dst_port":44988,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":180,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82061705,"flow_src_last_pkt_time":132833113,"flow_dst_last_pkt_time":82061705,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.131.24.72","src_port":28681,"dst_port":30711,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -2650,7 +2650,7 @@ 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":82066425,"flow_src_last_pkt_time":253024061,"flow_dst_last_pkt_time":82066425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.179.98.234","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":372,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229239365,"flow_src_last_pkt_time":229239365,"flow_dst_last_pkt_time":229239365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.179.185.126","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":159,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82058634,"flow_src_last_pkt_time":191704243,"flow_dst_last_pkt_time":82058634,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.163.231.160","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":347,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174425,"flow_src_last_pkt_time":129174425,"flow_dst_last_pkt_time":129174425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.10.169.10","src_port":28681,"dst_port":12799,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":347,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174425,"flow_src_last_pkt_time":129174425,"flow_dst_last_pkt_time":129174425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.10.169.10","src_port":28681,"dst_port":12799,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00729{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":83518597,"flow_src_last_pkt_time":253026184,"flow_dst_last_pkt_time":83518597,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.37","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82059773,"flow_src_last_pkt_time":132832598,"flow_dst_last_pkt_time":82059773,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.29.107.176","src_port":28681,"dst_port":20363,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4158,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":171,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82060415,"flow_src_last_pkt_time":253025731,"flow_dst_last_pkt_time":82060415,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":282200384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"196.217.132.111","src_port":28681,"dst_port":25394,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -3276,7 +3276,7 @@ 00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4664,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":745,"flow_packet_id":1,"flow_src_last_pkt_time":288355413,"flow_dst_last_pkt_time":288355413,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":288355413,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4ptwAAIAR2SwKAAIPpIQKGXAJvHoAJCauo68xAuqK3ib\/VZWObCGFAwABAAUAAADDglFLQA=="} 00698{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":4666,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":746,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":288409044,"flow_src_last_pkt_time":288409044,"flow_dst_last_pkt_time":288409044,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288409044,"l3_proto":"ip4","src_ip":"164.132.10.25","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4666,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":746,"flow_packet_id":1,"flow_src_last_pkt_time":288409044,"flow_dst_last_pkt_time":288409044,"flow_idle_time":140000000,"pkt_oversize":false,"pkt_caplen":98,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":98,"pkt_l4_len":64,"thread_ts_usec":288409044,"pkt":"CAAn5uVZUlQAEjUCCABFwABUC3cAAH8BdMakhAoZCgACDwMDt94AAAAARQAAOKbcAAB\/EdosCgACD6SEChlwCbx6ACQmrqOvMQLqit4m\/1WVjmwhhQMAAQAFAAAAw4JRS0A="} -00823{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":4666,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":746,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":288409044,"flow_src_last_pkt_time":288409044,"flow_dst_last_pkt_time":288409044,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288409044,"l3_proto":"ip4","src_ip":"164.132.10.25","dst_ip":"10.0.2.15","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":5.020679}} +00866{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":4666,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":746,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":288409044,"flow_src_last_pkt_time":288409044,"flow_dst_last_pkt_time":288409044,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288409044,"l3_proto":"ip4","src_ip":"164.132.10.25","dst_ip":"10.0.2.15","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":5.020679}} 00904{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4671,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":517,"flow_packet_id":2,"flow_src_last_pkt_time":287315710,"flow_dst_last_pkt_time":288490528,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":356,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":356,"pkt_l4_len":322,"thread_ts_usec":288490528,"pkt":"CAAn5uVZUlQAEjUCCABFAAFWC3sAAEARmwMk76IbCgACDx8ycAkBQkS1R05EAVjxAQF4nOspZwx09GAJCT7CpZrkwOGi8n6RtJH8bgYgs0hiW9ONsGMg5p3WqpuLoo8zgBVcnfQtZB+Iedtdp9LOYjtYQWfW2kzdvWBtapxB8+MOg5haScUNi6J3gJi3lqi\/LA88AdYWyh36SPMAiLl+mzr3RiMwU+Wl1qUOUbCCO23Lg\/aI7Qcxq8\/WpXmKHAWr3Trni72CMtgENwPxNnk1ELP8O9ujj6rqYCZf\/9tF0Qxg5rfJHncEwQps72h+nCrGBHYOk53MZwkFEHP75qiCGjVtsAKHjaaLovnBTlef5fpAiBHEPDXd3vqErCCIybgwIOiCojzEkcz3DYyACtiCIaJABiSYgIw7\/UoP0\/2ADIhDgAyI9zxYghx1GBkYGGL1H5kaMjGkSB359NKPs4AfAD6Dfz4="} 00732{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":4683,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":747,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":289961626,"flow_src_last_pkt_time":289961626,"flow_dst_last_pkt_time":289961626,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":289961626,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4683,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":747,"flow_packet_id":1,"flow_src_last_pkt_time":289961626,"flow_dst_last_pkt_time":289961626,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":289961626,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4bogAAIARxeoKAAIPe81+ZnAJFEkAJPn9btcxAoLvbJD\/ZQI2cb+qAwABAAUAAADDglFLQA=="} @@ -3286,79 +3286,79 @@ 00540{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4701,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":569,"flow_packet_id":2,"flow_src_last_pkt_time":287386762,"flow_dst_last_pkt_time":291154130,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":88,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":88,"pkt_l4_len":54,"thread_ts_usec":291154130,"pkt":"CAAn5uVZUlQAEjUCCABFAABKC5AAAEARIKNJWfkICgACD8XZcAkANp0565kxAgUhZoj\/+H2oSNwcAwEBABcAAADZxUlZ+Qi8AAAAAAAgAMOCUUtE05ynKA=="} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4702,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":569,"flow_packet_id":3,"flow_src_last_pkt_time":291154795,"flow_dst_last_pkt_time":291154130,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":98,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":98,"pkt_l4_len":64,"thread_ts_usec":291154795,"pkt":"UlQAEjUCCAAn5uVZCABFAABUghEAAIARahcKAAIPSVn5CHAJxdkAQIPAXS\/iNTECAGQaxPLpTglwD4ABACEAAAD5AHBpbmtmbG95ZADDAlFLRNOcpygDU0NQQAFaQIJQUkA="} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":377,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243616097,"flow_src_last_pkt_time":287511110,"flow_dst_last_pkt_time":243616097,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"180.200.236.13","src_port":28681,"dst_port":12082,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":89829259,"flow_src_last_pkt_time":174145848,"flow_dst_last_pkt_time":174528829,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":556,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.84.178.16","src_port":28681,"dst_port":60262,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":95216801,"flow_src_last_pkt_time":162802551,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.201.208.57","src_port":28681,"dst_port":38617,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":95264476,"flow_src_last_pkt_time":175759013,"flow_dst_last_pkt_time":176255145,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.220.186.140","src_port":28681,"dst_port":27641,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":89829259,"flow_src_last_pkt_time":174145848,"flow_dst_last_pkt_time":174528829,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":556,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.84.178.16","src_port":28681,"dst_port":60262,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":95216801,"flow_src_last_pkt_time":162802551,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.201.208.57","src_port":28681,"dst_port":38617,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":95264476,"flow_src_last_pkt_time":175759013,"flow_dst_last_pkt_time":176255145,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.220.186.140","src_port":28681,"dst_port":27641,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":394,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243619784,"flow_src_last_pkt_time":287427833,"flow_dst_last_pkt_time":287621392,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.84.134.136","src_port":28681,"dst_port":21407,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":90005361,"flow_src_last_pkt_time":287321463,"flow_dst_last_pkt_time":287355218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":726,"flow_dst_tot_l4_payload_len":4067,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90072633,"flow_src_last_pkt_time":163183918,"flow_dst_last_pkt_time":90072633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.26.216.95","src_port":28681,"dst_port":13889,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":315,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95754583,"flow_src_last_pkt_time":139695067,"flow_dst_last_pkt_time":139756356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.217.84.16","src_port":28681,"dst_port":20223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":90005361,"flow_src_last_pkt_time":287321463,"flow_dst_last_pkt_time":287355218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":726,"flow_dst_tot_l4_payload_len":4067,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90072633,"flow_src_last_pkt_time":163183918,"flow_dst_last_pkt_time":90072633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.26.216.95","src_port":28681,"dst_port":13889,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":315,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95754583,"flow_src_last_pkt_time":139695067,"flow_dst_last_pkt_time":139756356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.217.84.16","src_port":28681,"dst_port":20223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":398,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620353,"flow_src_last_pkt_time":243620353,"flow_dst_last_pkt_time":243620353,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"62.102.148.166","src_port":28681,"dst_port":31332,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":358,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139669712,"flow_src_last_pkt_time":139669712,"flow_dst_last_pkt_time":139669712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.224.174.174","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":357,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506403,"flow_src_last_pkt_time":139506403,"flow_dst_last_pkt_time":139506403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.35.85.238","src_port":28681,"dst_port":32173,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":358,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139669712,"flow_src_last_pkt_time":139669712,"flow_dst_last_pkt_time":139669712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.224.174.174","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":357,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506403,"flow_src_last_pkt_time":139506403,"flow_dst_last_pkt_time":139506403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.35.85.238","src_port":28681,"dst_port":32173,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":381,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616903,"flow_src_last_pkt_time":287526058,"flow_dst_last_pkt_time":287598509,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.58.211.52","src_port":28681,"dst_port":3806,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":386,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243618410,"flow_src_last_pkt_time":287682903,"flow_dst_last_pkt_time":243618410,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.172.10.90","src_port":28681,"dst_port":40162,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":95443212,"flow_src_last_pkt_time":176333600,"flow_dst_last_pkt_time":176562520,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.240.69.199","src_port":28681,"dst_port":6348,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":95443212,"flow_src_last_pkt_time":176333600,"flow_dst_last_pkt_time":176562520,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.240.69.199","src_port":28681,"dst_port":6348,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":306,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":93714209,"flow_src_last_pkt_time":253026052,"flow_dst_last_pkt_time":93714209,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.249.63.200","src_port":28681,"dst_port":22582,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":392,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619573,"flow_src_last_pkt_time":243619573,"flow_dst_last_pkt_time":243619573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.0.69.215","src_port":28681,"dst_port":12608,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90184128,"flow_src_last_pkt_time":287700104,"flow_dst_last_pkt_time":288014846,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3215,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90184128,"flow_src_last_pkt_time":287700104,"flow_dst_last_pkt_time":288014846,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3215,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00741{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":304,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90880863,"flow_src_last_pkt_time":251768782,"flow_dst_last_pkt_time":251799257,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":755,"flow_dst_tot_l4_payload_len":4350,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.32.126.214","src_port":28681,"dst_port":59596,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":389,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619099,"flow_src_last_pkt_time":243619099,"flow_dst_last_pkt_time":243619099,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.215.183.71","src_port":28681,"dst_port":31310,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95784533,"flow_src_last_pkt_time":139724985,"flow_dst_last_pkt_time":139896214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.183.183.110","src_port":28681,"dst_port":59920,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95784533,"flow_src_last_pkt_time":139724985,"flow_dst_last_pkt_time":139896214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.183.183.110","src_port":28681,"dst_port":59920,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":88941886,"flow_src_last_pkt_time":179376876,"flow_dst_last_pkt_time":88941886,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":511,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":28681,"dst_port":52367,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90073006,"flow_src_last_pkt_time":287483764,"flow_dst_last_pkt_time":287523854,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3207,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95715707,"flow_src_last_pkt_time":139694924,"flow_dst_last_pkt_time":139730332,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.188.98","src_port":28681,"dst_port":62851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":95264285,"flow_src_last_pkt_time":179735999,"flow_dst_last_pkt_time":95264285,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":40137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89967108,"flow_src_last_pkt_time":152618863,"flow_dst_last_pkt_time":89967108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.203.218.92","src_port":28681,"dst_port":56962,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01020{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":90072798,"flow_src_last_pkt_time":287355678,"flow_dst_last_pkt_time":287667256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":751,"flow_dst_tot_l4_payload_len":4554,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90073006,"flow_src_last_pkt_time":287483764,"flow_dst_last_pkt_time":287523854,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3207,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95715707,"flow_src_last_pkt_time":139694924,"flow_dst_last_pkt_time":139730332,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.188.98","src_port":28681,"dst_port":62851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":95264285,"flow_src_last_pkt_time":179735999,"flow_dst_last_pkt_time":95264285,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":40137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89967108,"flow_src_last_pkt_time":152618863,"flow_dst_last_pkt_time":89967108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.203.218.92","src_port":28681,"dst_port":56962,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01063{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":90072798,"flow_src_last_pkt_time":287355678,"flow_dst_last_pkt_time":287667256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":751,"flow_dst_tot_l4_payload_len":4554,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00741{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":300,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":90809634,"flow_src_last_pkt_time":139694982,"flow_dst_last_pkt_time":139723897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":222,"flow_dst_tot_l4_payload_len":1595,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":385,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243618045,"flow_src_last_pkt_time":243618045,"flow_dst_last_pkt_time":243618045,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.223.143.31","src_port":28681,"dst_port":47978,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":89966706,"flow_src_last_pkt_time":287382161,"flow_dst_last_pkt_time":287418265,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":726,"flow_dst_tot_l4_payload_len":4072,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":89966706,"flow_src_last_pkt_time":287382161,"flow_dst_last_pkt_time":287418265,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":726,"flow_dst_tot_l4_payload_len":4072,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":384,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243617811,"flow_src_last_pkt_time":287381889,"flow_dst_last_pkt_time":288007245,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.64.6.175","src_port":28681,"dst_port":4743,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90039633,"flow_src_last_pkt_time":163151080,"flow_dst_last_pkt_time":90039633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":50297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90039633,"flow_src_last_pkt_time":163151080,"flow_dst_last_pkt_time":90039633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":50297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00738{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":378,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616362,"flow_src_last_pkt_time":287426947,"flow_dst_last_pkt_time":287785960,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":110,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.241.204.61","src_port":28681,"dst_port":43366,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89966123,"flow_src_last_pkt_time":152619228,"flow_dst_last_pkt_time":89966123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.218","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89966123,"flow_src_last_pkt_time":152619228,"flow_dst_last_pkt_time":89966123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.218","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":375,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243615643,"flow_src_last_pkt_time":287318910,"flow_dst_last_pkt_time":243615643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.182.136.42","src_port":28681,"dst_port":27873,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":287497328,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":271,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":287497328,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":271,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":399,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620457,"flow_src_last_pkt_time":243620457,"flow_dst_last_pkt_time":243620457,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.39.219.223","src_port":28681,"dst_port":31728,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":356,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":139506262,"flow_src_last_pkt_time":176963996,"flow_dst_last_pkt_time":177166012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":394,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"63.228.175.169","src_port":28681,"dst_port":1936,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":139506098,"flow_src_last_pkt_time":168391152,"flow_dst_last_pkt_time":168554777,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.118.53.212","src_port":28681,"dst_port":29998,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":356,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":139506262,"flow_src_last_pkt_time":176963996,"flow_dst_last_pkt_time":177166012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":394,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"63.228.175.169","src_port":28681,"dst_port":1936,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":139506098,"flow_src_last_pkt_time":168391152,"flow_dst_last_pkt_time":168554777,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.118.53.212","src_port":28681,"dst_port":29998,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":388,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243618881,"flow_src_last_pkt_time":287524310,"flow_dst_last_pkt_time":243618881,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"121.7.145.36","src_port":28681,"dst_port":33905,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00740{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":303,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90871417,"flow_src_last_pkt_time":251739691,"flow_dst_last_pkt_time":251762907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":170,"flow_dst_tot_l4_payload_len":1077,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":28681,"dst_port":30566,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":89829104,"flow_src_last_pkt_time":287443257,"flow_dst_last_pkt_time":174144907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":584,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":89829104,"flow_src_last_pkt_time":287443257,"flow_dst_last_pkt_time":174144907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":584,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":395,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619924,"flow_src_last_pkt_time":243619924,"flow_dst_last_pkt_time":243619924,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"191.114.88.39","src_port":28681,"dst_port":18751,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00738{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":301,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90845230,"flow_src_last_pkt_time":174303687,"flow_dst_last_pkt_time":174321070,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":146,"flow_dst_tot_l4_payload_len":855,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":28681,"dst_port":11852,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":95784399,"flow_src_last_pkt_time":287465597,"flow_dst_last_pkt_time":287572441,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":2511,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":95784399,"flow_src_last_pkt_time":287465597,"flow_dst_last_pkt_time":287572441,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":2511,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":376,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243615848,"flow_src_last_pkt_time":287381383,"flow_dst_last_pkt_time":287944648,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":73,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":119,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"156.57.42.2","src_port":28681,"dst_port":33476,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90138188,"flow_src_last_pkt_time":287318627,"flow_dst_last_pkt_time":287634909,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3364,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90138188,"flow_src_last_pkt_time":287318627,"flow_dst_last_pkt_time":287634909,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3364,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00742{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":243,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":9,"flow_first_seen":89016303,"flow_src_last_pkt_time":176563028,"flow_dst_last_pkt_time":176659064,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":824,"flow_dst_tot_l4_payload_len":3953,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95716693,"flow_src_last_pkt_time":287380885,"flow_dst_last_pkt_time":287440521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1755,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95716693,"flow_src_last_pkt_time":287380885,"flow_dst_last_pkt_time":287440521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1755,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":387,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243618625,"flow_src_last_pkt_time":243618625,"flow_dst_last_pkt_time":243618625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.135.8.7","src_port":28681,"dst_port":1219,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00740{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":302,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90864578,"flow_src_last_pkt_time":287313728,"flow_dst_last_pkt_time":287337870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":1077,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":28681,"dst_port":53489,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90039406,"flow_src_last_pkt_time":287381612,"flow_dst_last_pkt_time":287415538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":807,"flow_dst_tot_l4_payload_len":4817,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":287526703,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":271,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90039406,"flow_src_last_pkt_time":287381612,"flow_dst_last_pkt_time":287415538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":807,"flow_dst_tot_l4_payload_len":4817,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":287526703,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":271,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":380,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616746,"flow_src_last_pkt_time":287422960,"flow_dst_last_pkt_time":287697244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.86.49.195","src_port":28681,"dst_port":12019,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":383,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":243617373,"flow_src_last_pkt_time":243617373,"flow_dst_last_pkt_time":243755535,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.71.243.60","src_port":28681,"dst_port":34498,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90138798,"flow_src_last_pkt_time":174723421,"flow_dst_last_pkt_time":90138798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.217.176.52","src_port":28681,"dst_port":7446,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90005045,"flow_src_last_pkt_time":287553240,"flow_dst_last_pkt_time":287678696,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":807,"flow_dst_tot_l4_payload_len":4798,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90138798,"flow_src_last_pkt_time":174723421,"flow_dst_last_pkt_time":90138798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.217.176.52","src_port":28681,"dst_port":7446,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90005045,"flow_src_last_pkt_time":287553240,"flow_dst_last_pkt_time":287678696,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":807,"flow_dst_tot_l4_payload_len":4798,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":390,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619335,"flow_src_last_pkt_time":243619335,"flow_dst_last_pkt_time":243619335,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"144.134.132.206","src_port":28681,"dst_port":16401,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90004820,"flow_src_last_pkt_time":163118762,"flow_dst_last_pkt_time":90004820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.140.120.41","src_port":28681,"dst_port":47739,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90004820,"flow_src_last_pkt_time":163118762,"flow_dst_last_pkt_time":90004820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.140.120.41","src_port":28681,"dst_port":47739,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":391,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619466,"flow_src_last_pkt_time":243619466,"flow_dst_last_pkt_time":243619466,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"161.81.38.67","src_port":28681,"dst_port":9539,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":95784128,"flow_src_last_pkt_time":287510470,"flow_dst_last_pkt_time":287857497,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":2512,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90138420,"flow_src_last_pkt_time":287441093,"flow_dst_last_pkt_time":287483363,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3345,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":95784128,"flow_src_last_pkt_time":287510470,"flow_dst_last_pkt_time":287857497,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":2512,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90138420,"flow_src_last_pkt_time":287441093,"flow_dst_last_pkt_time":287483363,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3345,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":393,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243619673,"flow_src_last_pkt_time":287426068,"flow_dst_last_pkt_time":243619673,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.115.158.103","src_port":28681,"dst_port":5110,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":382,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243617142,"flow_src_last_pkt_time":287443836,"flow_dst_last_pkt_time":287618162,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.175.11.126","src_port":28681,"dst_port":40958,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":397,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620225,"flow_src_last_pkt_time":243620225,"flow_dst_last_pkt_time":243620225,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":24634,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90183929,"flow_src_last_pkt_time":174679514,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":11603,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90183929,"flow_src_last_pkt_time":174679514,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":11603,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":379,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616544,"flow_src_last_pkt_time":287587254,"flow_dst_last_pkt_time":288106579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.140.63.147","src_port":28681,"dst_port":29545,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":396,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620034,"flow_src_last_pkt_time":243620034,"flow_dst_last_pkt_time":243620034,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.59.24","src_port":28681,"dst_port":28755,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01014{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":95716226,"flow_src_last_pkt_time":243617528,"flow_dst_last_pkt_time":243760248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122468,"flow_src_last_pkt_time":134428222,"flow_dst_last_pkt_time":101122468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.117.249.98","src_port":28681,"dst_port":6815,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01057{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":95716226,"flow_src_last_pkt_time":243617528,"flow_dst_last_pkt_time":243760248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":292578637,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122468,"flow_src_last_pkt_time":134428222,"flow_dst_last_pkt_time":101122468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.117.249.98","src_port":28681,"dst_port":6815,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":433,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743232,"flow_src_last_pkt_time":251743232,"flow_dst_last_pkt_time":251743232,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.255.145.191","src_port":28681,"dst_port":47264,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01014{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122346,"flow_src_last_pkt_time":134428360,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.105.27","src_port":28681,"dst_port":19260,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01057{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122346,"flow_src_last_pkt_time":134428360,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.105.27","src_port":28681,"dst_port":19260,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":404,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739244,"flow_src_last_pkt_time":251739244,"flow_dst_last_pkt_time":251739244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.234.216.251","src_port":28681,"dst_port":17845,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":441,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251763326,"flow_src_last_pkt_time":287316376,"flow_dst_last_pkt_time":251763326,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.199.108","src_port":28681,"dst_port":56040,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":101162745,"flow_src_last_pkt_time":287624798,"flow_dst_last_pkt_time":177309077,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":584,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":101162745,"flow_src_last_pkt_time":287624798,"flow_dst_last_pkt_time":177309077,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":584,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00738{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":450,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251765454,"flow_src_last_pkt_time":287317165,"flow_dst_last_pkt_time":287535563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.206.254","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":426,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742442,"flow_src_last_pkt_time":251742442,"flow_dst_last_pkt_time":251742442,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.71.44.121","src_port":28681,"dst_port":14398,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":411,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740552,"flow_src_last_pkt_time":251740552,"flow_dst_last_pkt_time":251740552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.143.28.64","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -3373,7 +3373,7 @@ 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":478,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251801401,"flow_src_last_pkt_time":287319958,"flow_dst_last_pkt_time":251801401,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.235.85.44","src_port":28681,"dst_port":64914,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":449,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251765085,"flow_src_last_pkt_time":287317080,"flow_dst_last_pkt_time":251765085,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":28681,"dst_port":8826,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":461,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767577,"flow_src_last_pkt_time":287318236,"flow_dst_last_pkt_time":251767577,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.27.193.124","src_port":28681,"dst_port":50555,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":2,"flow_first_seen":101837355,"flow_src_last_pkt_time":287806064,"flow_dst_last_pkt_time":289958480,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":120,"flow_src_tot_l4_payload_len":274,"flow_dst_tot_l4_payload_len":208,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":2,"flow_first_seen":101837355,"flow_src_last_pkt_time":287806064,"flow_dst_last_pkt_time":289958480,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":120,"flow_src_tot_l4_payload_len":274,"flow_dst_tot_l4_payload_len":208,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":472,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800408,"flow_src_last_pkt_time":287319339,"flow_dst_last_pkt_time":251800408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":45744,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":471,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800203,"flow_src_last_pkt_time":287319240,"flow_dst_last_pkt_time":251800203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":43457,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":481,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251802309,"flow_src_last_pkt_time":251802309,"flow_dst_last_pkt_time":251802309,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.120.219.74","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -3401,11 +3401,11 @@ 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":454,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251766203,"flow_src_last_pkt_time":287317526,"flow_dst_last_pkt_time":251766203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.121.156","src_port":28681,"dst_port":23183,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":401,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251735839,"flow_src_last_pkt_time":251735839,"flow_dst_last_pkt_time":251735839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.178.192.76","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":484,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":253024623,"flow_src_last_pkt_time":253024623,"flow_dst_last_pkt_time":253024623,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"107.4.56.177","src_port":28681,"dst_port":10000,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":96049954,"flow_src_last_pkt_time":129345403,"flow_dst_last_pkt_time":96049954,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.28.53.225","src_port":28681,"dst_port":44859,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":96049954,"flow_src_last_pkt_time":129345403,"flow_dst_last_pkt_time":96049954,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.28.53.225","src_port":28681,"dst_port":44859,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":406,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739607,"flow_src_last_pkt_time":251739607,"flow_dst_last_pkt_time":251739607,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.27.3.68","src_port":28681,"dst_port":57380,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95893685,"flow_src_last_pkt_time":287318509,"flow_dst_last_pkt_time":287340787,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1668,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95893685,"flow_src_last_pkt_time":287318509,"flow_dst_last_pkt_time":287340787,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1668,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":469,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251799823,"flow_src_last_pkt_time":287319016,"flow_dst_last_pkt_time":251799823,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":47184,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95923657,"flow_src_last_pkt_time":139669839,"flow_dst_last_pkt_time":139892044,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.250.179.237","src_port":28681,"dst_port":20848,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95923657,"flow_src_last_pkt_time":139669839,"flow_dst_last_pkt_time":139892044,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.250.179.237","src_port":28681,"dst_port":20848,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":467,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":251769032,"flow_src_last_pkt_time":251769032,"flow_dst_last_pkt_time":252632878,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":327,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":327,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.64.177.53","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":431,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743039,"flow_src_last_pkt_time":251743039,"flow_dst_last_pkt_time":251743039,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.124.71.246","src_port":28681,"dst_port":49035,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00728{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":483,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251946178,"flow_src_last_pkt_time":251946178,"flow_dst_last_pkt_time":251946178,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":45,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":45,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":45,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","src_port":1026,"dst_port":28681,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -3415,7 +3415,7 @@ 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":485,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":253025155,"flow_src_last_pkt_time":253025155,"flow_dst_last_pkt_time":253025155,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.209","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":427,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742554,"flow_src_last_pkt_time":251742554,"flow_dst_last_pkt_time":251742554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.249.13.30","src_port":28681,"dst_port":15138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":405,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739411,"flow_src_last_pkt_time":251739411,"flow_dst_last_pkt_time":251739411,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.155.31.118","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95893239,"flow_src_last_pkt_time":287522940,"flow_dst_last_pkt_time":287579763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1785,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95893239,"flow_src_last_pkt_time":287522940,"flow_dst_last_pkt_time":287579763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1785,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":415,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741302,"flow_src_last_pkt_time":251741302,"flow_dst_last_pkt_time":251741302,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.247.160.96","src_port":28681,"dst_port":17817,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":458,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767115,"flow_src_last_pkt_time":287317920,"flow_dst_last_pkt_time":251767115,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.165.228.167","src_port":28681,"dst_port":12201,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":486,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":253025433,"flow_src_last_pkt_time":253025433,"flow_dst_last_pkt_time":253025433,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.68.45.203","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -3423,7 +3423,7 @@ 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":423,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":251742117,"flow_src_last_pkt_time":251742117,"flow_dst_last_pkt_time":252853049,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":322,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":322,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.247.6.226","src_port":28681,"dst_port":9713,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":438,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743729,"flow_src_last_pkt_time":251743729,"flow_dst_last_pkt_time":251743729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.86.190.163","src_port":28681,"dst_port":14142,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":403,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739069,"flow_src_last_pkt_time":251739069,"flow_dst_last_pkt_time":251739069,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"197.244.171.132","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":101122636,"flow_src_last_pkt_time":168321077,"flow_dst_last_pkt_time":168840075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":324,"flow_dst_tot_l4_payload_len":2413,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.64.44.11","src_port":28681,"dst_port":1352,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":101122636,"flow_src_last_pkt_time":168321077,"flow_dst_last_pkt_time":168840075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":324,"flow_dst_tot_l4_payload_len":2413,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.64.44.11","src_port":28681,"dst_port":1352,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":457,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251766954,"flow_src_last_pkt_time":287317823,"flow_dst_last_pkt_time":251766954,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.247.240.113","src_port":28681,"dst_port":13867,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":429,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742837,"flow_src_last_pkt_time":251742837,"flow_dst_last_pkt_time":251742837,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.215.213","src_port":28681,"dst_port":23576,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":436,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743527,"flow_src_last_pkt_time":251743527,"flow_dst_last_pkt_time":251743527,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.68.179.137","src_port":28681,"dst_port":6406,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -3431,7 +3431,7 @@ 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":409,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740269,"flow_src_last_pkt_time":251740269,"flow_dst_last_pkt_time":251740269,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.194.53.68","src_port":28681,"dst_port":33770,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":482,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251802485,"flow_src_last_pkt_time":251802485,"flow_dst_last_pkt_time":251802485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.193.23.172","src_port":28681,"dst_port":42227,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":400,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251734977,"flow_src_last_pkt_time":251734977,"flow_dst_last_pkt_time":251734977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"129.45.47.167","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":96049781,"flow_src_last_pkt_time":129345276,"flow_dst_last_pkt_time":96049781,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"100.1.231.138","src_port":28681,"dst_port":56558,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":96049781,"flow_src_last_pkt_time":129345276,"flow_dst_last_pkt_time":96049781,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"100.1.231.138","src_port":28681,"dst_port":56558,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":407,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739830,"flow_src_last_pkt_time":251739830,"flow_dst_last_pkt_time":251739830,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.181.151.217","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":463,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251768320,"flow_src_last_pkt_time":287318727,"flow_dst_last_pkt_time":287699802,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.7.155.210","src_port":28681,"dst_port":28365,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4821,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":452,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251765853,"flow_src_last_pkt_time":287317359,"flow_dst_last_pkt_time":287440578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":110,"midstream":0,"thread_ts_usec":302977004,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.227.193.37","src_port":28681,"dst_port":27481,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -3475,36 +3475,36 @@ 00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4959,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":134,"flow_packet_id":3,"flow_src_last_pkt_time":312957614,"flow_dst_last_pkt_time":72852470,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":312957614,"pkt":"UlQAEjUCCAAn5uVZCABFAAA05pQAAIARsCAKAAIPTudJDnAJGMoAIHF1R05EED\/yAQFUC1FLUlAGUk5BXS\/iNQlw"} 00731{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":4960,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":753,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312961164,"flow_src_last_pkt_time":312961164,"flow_dst_last_pkt_time":312961164,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":312961164,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.84.140.96","src_port":28681,"dst_port":14400,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4960,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":753,"flow_packet_id":1,"flow_src_last_pkt_time":312961164,"flow_dst_last_pkt_time":312961164,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":312961164,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0s80AAIARSSgKAAIPpVSMYHAJOEAAILg+R05EED\/zAQFUC1FLUlAGUk5BXS\/iNQlw"} -01016{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":123912514,"flow_src_last_pkt_time":123912514,"flow_dst_last_pkt_time":124065276,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.198.205.196","src_port":28681,"dst_port":20778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":354,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":132833303,"flow_src_last_pkt_time":132833303,"flow_dst_last_pkt_time":132833303,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.236.247.120","src_port":28681,"dst_port":1032,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01059{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":123912514,"flow_src_last_pkt_time":123912514,"flow_dst_last_pkt_time":124065276,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.198.205.196","src_port":28681,"dst_port":20778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":354,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":132833303,"flow_src_last_pkt_time":132833303,"flow_dst_last_pkt_time":132833303,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.236.247.120","src_port":28681,"dst_port":1032,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":354,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":132833303,"flow_src_last_pkt_time":132833303,"flow_dst_last_pkt_time":132833303,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.236.247.120","src_port":28681,"dst_port":1032,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":353,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":132831233,"flow_src_last_pkt_time":132831233,"flow_dst_last_pkt_time":132831233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.181.151.217","src_port":28681,"dst_port":25282,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":353,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":132831233,"flow_src_last_pkt_time":132831233,"flow_dst_last_pkt_time":132831233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.181.151.217","src_port":28681,"dst_port":25282,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":353,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":132831233,"flow_src_last_pkt_time":132831233,"flow_dst_last_pkt_time":132831233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.181.151.217","src_port":28681,"dst_port":25282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01010{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":350,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129345202,"flow_src_last_pkt_time":129345202,"flow_dst_last_pkt_time":129345202,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.250.253.99","src_port":28681,"dst_port":11819,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01009{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":343,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090579,"flow_src_last_pkt_time":124090579,"flow_dst_last_pkt_time":124090579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.212.91.155","src_port":28681,"dst_port":5195,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01008{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":348,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174578,"flow_src_last_pkt_time":129174578,"flow_dst_last_pkt_time":129174578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.197.97.94","src_port":28681,"dst_port":1360,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01013{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":129174282,"flow_src_last_pkt_time":129174282,"flow_dst_last_pkt_time":129344463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.226.85.105","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01008{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":96049954,"flow_src_last_pkt_time":129345403,"flow_dst_last_pkt_time":96049954,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.28.53.225","src_port":28681,"dst_port":44859,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":164,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82059383,"flow_src_last_pkt_time":131671261,"flow_dst_last_pkt_time":82059383,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.197.219.85","src_port":28681,"dst_port":26234,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01053{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":350,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129345202,"flow_src_last_pkt_time":129345202,"flow_dst_last_pkt_time":129345202,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.250.253.99","src_port":28681,"dst_port":11819,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01052{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":343,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090579,"flow_src_last_pkt_time":124090579,"flow_dst_last_pkt_time":124090579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.212.91.155","src_port":28681,"dst_port":5195,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01051{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":348,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174578,"flow_src_last_pkt_time":129174578,"flow_dst_last_pkt_time":129174578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.197.97.94","src_port":28681,"dst_port":1360,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01056{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":129174282,"flow_src_last_pkt_time":129174282,"flow_dst_last_pkt_time":129344463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.226.85.105","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01051{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":96049954,"flow_src_last_pkt_time":129345403,"flow_dst_last_pkt_time":96049954,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.28.53.225","src_port":28681,"dst_port":44859,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":164,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82059383,"flow_src_last_pkt_time":131671261,"flow_dst_last_pkt_time":82059383,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.197.219.85","src_port":28681,"dst_port":26234,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":164,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82059383,"flow_src_last_pkt_time":131671261,"flow_dst_last_pkt_time":82059383,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.197.219.85","src_port":28681,"dst_port":26234,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01010{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":337,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912290,"flow_src_last_pkt_time":123912290,"flow_dst_last_pkt_time":123912290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.116.64.132","src_port":28681,"dst_port":51227,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":347,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174425,"flow_src_last_pkt_time":129174425,"flow_dst_last_pkt_time":129174425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.10.169.10","src_port":28681,"dst_port":12799,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":165,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82059497,"flow_src_last_pkt_time":131670469,"flow_dst_last_pkt_time":82059497,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.75.43.182","src_port":28681,"dst_port":43502,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01053{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":337,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912290,"flow_src_last_pkt_time":123912290,"flow_dst_last_pkt_time":123912290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.116.64.132","src_port":28681,"dst_port":51227,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":347,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174425,"flow_src_last_pkt_time":129174425,"flow_dst_last_pkt_time":129174425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.10.169.10","src_port":28681,"dst_port":12799,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":165,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82059497,"flow_src_last_pkt_time":131670469,"flow_dst_last_pkt_time":82059497,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.75.43.182","src_port":28681,"dst_port":43502,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":165,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82059497,"flow_src_last_pkt_time":131670469,"flow_dst_last_pkt_time":82059497,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.75.43.182","src_port":28681,"dst_port":43502,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":188,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82062993,"flow_src_last_pkt_time":131669387,"flow_dst_last_pkt_time":82062993,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.134.107.32","src_port":28681,"dst_port":38836,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":188,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82062993,"flow_src_last_pkt_time":131669387,"flow_dst_last_pkt_time":82062993,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.134.107.32","src_port":28681,"dst_port":38836,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":188,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82062993,"flow_src_last_pkt_time":131669387,"flow_dst_last_pkt_time":82062993,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.134.107.32","src_port":28681,"dst_port":38836,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":177,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82061259,"flow_src_last_pkt_time":132833697,"flow_dst_last_pkt_time":82061259,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.157.183.106","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":177,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82061259,"flow_src_last_pkt_time":132833697,"flow_dst_last_pkt_time":82061259,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.157.183.106","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":177,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82061259,"flow_src_last_pkt_time":132833697,"flow_dst_last_pkt_time":82061259,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.157.183.106","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":182,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82062130,"flow_src_last_pkt_time":131672351,"flow_dst_last_pkt_time":82062130,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.3.103.37","src_port":28681,"dst_port":35589,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":182,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82062130,"flow_src_last_pkt_time":131672351,"flow_dst_last_pkt_time":82062130,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.3.103.37","src_port":28681,"dst_port":35589,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":182,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82062130,"flow_src_last_pkt_time":131672351,"flow_dst_last_pkt_time":82062130,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.3.103.37","src_port":28681,"dst_port":35589,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01009{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":96049781,"flow_src_last_pkt_time":129345276,"flow_dst_last_pkt_time":96049781,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"100.1.231.138","src_port":28681,"dst_port":56558,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":351,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":131668560,"flow_src_last_pkt_time":131668560,"flow_dst_last_pkt_time":131668560,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"187.37.87.189","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01052{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":96049781,"flow_src_last_pkt_time":129345276,"flow_dst_last_pkt_time":96049781,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"100.1.231.138","src_port":28681,"dst_port":56558,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":351,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":131668560,"flow_src_last_pkt_time":131668560,"flow_dst_last_pkt_time":131668560,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"187.37.87.189","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":351,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":131668560,"flow_src_last_pkt_time":131668560,"flow_dst_last_pkt_time":131668560,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"187.37.87.189","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":163,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82059277,"flow_src_last_pkt_time":131673144,"flow_dst_last_pkt_time":82059277,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.126.160.158","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":163,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82059277,"flow_src_last_pkt_time":131673144,"flow_dst_last_pkt_time":82059277,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.126.160.158","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":163,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":82059277,"flow_src_last_pkt_time":131673144,"flow_dst_last_pkt_time":82059277,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.126.160.158","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01010{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":341,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124066283,"flow_src_last_pkt_time":124066283,"flow_dst_last_pkt_time":124066283,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.129.233.60","src_port":28681,"dst_port":19990,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":341,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124066283,"flow_src_last_pkt_time":124066283,"flow_dst_last_pkt_time":124066283,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.129.233.60","src_port":28681,"dst_port":19990,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00739{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":335,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":115369554,"flow_src_last_pkt_time":287313555,"flow_dst_last_pkt_time":287650021,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":78,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":265,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":37058,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00881{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":359,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":160009075,"flow_src_last_pkt_time":163034860,"flow_dst_last_pkt_time":160009075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":51685,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00924{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":359,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":160009075,"flow_src_last_pkt_time":163034860,"flow_dst_last_pkt_time":160009075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":51685,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00738{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":488,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":264769911,"flow_src_last_pkt_time":264769911,"flow_dst_last_pkt_time":265025254,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":301,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":301,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.90.112","src_port":28681,"dst_port":9852,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":490,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264770979,"flow_src_last_pkt_time":264770979,"flow_dst_last_pkt_time":264770979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.3.215.132","src_port":28681,"dst_port":20356,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":4964,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":489,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264770348,"flow_src_last_pkt_time":264770348,"flow_dst_last_pkt_time":264770348,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":313025512,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"108.44.45.25","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -3545,65 +3545,65 @@ 00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5064,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":562,"flow_packet_id":2,"flow_src_last_pkt_time":320292378,"flow_dst_last_pkt_time":287357163,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":320292378,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4CAEAAIARw78KAAIPcHfybnAJ6ecAJJt6ZMkxArsJiWn\/2NtEIIr3AwABAAUAAADDglFLQA=="} 00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5065,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":664,"flow_packet_id":2,"flow_src_last_pkt_time":320293048,"flow_dst_last_pkt_time":287573220,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":320293048,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4sK0AAIARXRsKAAIPMjruo3AJGcIAJO3IbAsxAnYtXYL\/8bz\/pBe7AwABAAUAAADDglFLQA=="} 00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5066,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":696,"flow_packet_id":2,"flow_src_last_pkt_time":320293343,"flow_dst_last_pkt_time":287635205,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":320293343,"pkt":"UlQAEjUCCAAn5uVZCABFAAA419wAAIARwSYKAAIPTL1I5nAJH+EAJBtk6eoxAtFG13r\/NLEu9DR8AwABAAUAAADDglFLQA=="} -01010{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122468,"flow_src_last_pkt_time":134428222,"flow_dst_last_pkt_time":101122468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.117.249.98","src_port":28681,"dst_port":6815,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01012{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122346,"flow_src_last_pkt_time":134428360,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.105.27","src_port":28681,"dst_port":19260,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01014{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":315,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95754583,"flow_src_last_pkt_time":139695067,"flow_dst_last_pkt_time":139756356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.217.84.16","src_port":28681,"dst_port":20223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":358,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139669712,"flow_src_last_pkt_time":139669712,"flow_dst_last_pkt_time":139669712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.224.174.174","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01009{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":357,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506403,"flow_src_last_pkt_time":139506403,"flow_dst_last_pkt_time":139506403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.35.85.238","src_port":28681,"dst_port":32173,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":8,"flow_first_seen":71204033,"flow_src_last_pkt_time":80232165,"flow_dst_last_pkt_time":193763657,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.62.225.181","src_port":50245,"dst_port":46843,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01053{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122468,"flow_src_last_pkt_time":134428222,"flow_dst_last_pkt_time":101122468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.117.249.98","src_port":28681,"dst_port":6815,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":101122346,"flow_src_last_pkt_time":134428360,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.105.27","src_port":28681,"dst_port":19260,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01057{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":315,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95754583,"flow_src_last_pkt_time":139695067,"flow_dst_last_pkt_time":139756356,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.217.84.16","src_port":28681,"dst_port":20223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":358,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139669712,"flow_src_last_pkt_time":139669712,"flow_dst_last_pkt_time":139669712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.224.174.174","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01052{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":357,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506403,"flow_src_last_pkt_time":139506403,"flow_dst_last_pkt_time":139506403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.35.85.238","src_port":28681,"dst_port":32173,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":8,"flow_first_seen":71204033,"flow_src_last_pkt_time":80232165,"flow_dst_last_pkt_time":193763657,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.62.225.181","src_port":50245,"dst_port":46843,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":8,"flow_first_seen":71204033,"flow_src_last_pkt_time":80232165,"flow_dst_last_pkt_time":193763657,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.62.225.181","src_port":50245,"dst_port":46843,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95784533,"flow_src_last_pkt_time":139724985,"flow_dst_last_pkt_time":139896214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.183.183.110","src_port":28681,"dst_port":59920,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01016{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95715707,"flow_src_last_pkt_time":139694924,"flow_dst_last_pkt_time":139730332,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.188.98","src_port":28681,"dst_port":62851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00783{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":300,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":90809634,"flow_src_last_pkt_time":139694982,"flow_dst_last_pkt_time":139723897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":222,"flow_dst_tot_l4_payload_len":1595,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01060{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95784533,"flow_src_last_pkt_time":139724985,"flow_dst_last_pkt_time":139896214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.183.183.110","src_port":28681,"dst_port":59920,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":95715707,"flow_src_last_pkt_time":139694924,"flow_dst_last_pkt_time":139730332,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":2181,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.188.98","src_port":28681,"dst_port":62851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00826{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":300,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":90809634,"flow_src_last_pkt_time":139694982,"flow_dst_last_pkt_time":139723897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":222,"flow_dst_tot_l4_payload_len":1595,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00739{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":300,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":90809634,"flow_src_last_pkt_time":139694982,"flow_dst_last_pkt_time":139723897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":222,"flow_dst_tot_l4_payload_len":1595,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95923657,"flow_src_last_pkt_time":139669839,"flow_dst_last_pkt_time":139892044,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.250.179.237","src_port":28681,"dst_port":20848,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":168555545,"flow_src_last_pkt_time":287428135,"flow_dst_last_pkt_time":287464674,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":483,"flow_dst_tot_l4_payload_len":1891,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":28681,"dst_port":9915,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95923657,"flow_src_last_pkt_time":139669839,"flow_dst_last_pkt_time":139892044,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.250.179.237","src_port":28681,"dst_port":20848,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":168555545,"flow_src_last_pkt_time":287428135,"flow_dst_last_pkt_time":287464674,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":483,"flow_dst_tot_l4_payload_len":1891,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":28681,"dst_port":9915,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72852470,"flow_src_last_pkt_time":312957614,"flow_dst_last_pkt_time":72852470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":72850420,"flow_src_last_pkt_time":311750048,"flow_dst_last_pkt_time":72850420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.141.219.27","src_port":28681,"dst_port":37580,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00729{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":71540581,"flow_src_last_pkt_time":311749444,"flow_dst_last_pkt_time":71540581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.23.75.69","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":366,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322734,"flow_src_last_pkt_time":174322734,"flow_dst_last_pkt_time":174322734,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.8.55.158","src_port":28681,"dst_port":51140,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":366,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322734,"flow_src_last_pkt_time":174322734,"flow_dst_last_pkt_time":174322734,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.8.55.158","src_port":28681,"dst_port":51140,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00728{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":88,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70230940,"flow_src_last_pkt_time":311752229,"flow_dst_last_pkt_time":70230940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.50.24.2","src_port":28681,"dst_port":17874,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":365,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322199,"flow_src_last_pkt_time":174322199,"flow_dst_last_pkt_time":174322199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.23.24.213","src_port":28681,"dst_port":18561,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":124066131,"flow_src_last_pkt_time":287321260,"flow_dst_last_pkt_time":124181723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49732,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00834{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":12513795,"flow_src_last_pkt_time":14765980,"flow_dst_last_pkt_time":12513795,"flow_idle_time":620000000,"flow_src_min_l4_payload_len":16,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":200,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.22","l4_proto":2,"flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"IGMP","proto_id":"82","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01000{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":16487243,"flow_src_last_pkt_time":192636357,"flow_dst_last_pkt_time":16487243,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":603,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":365,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322199,"flow_src_last_pkt_time":174322199,"flow_dst_last_pkt_time":174322199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.23.24.213","src_port":28681,"dst_port":18561,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":124066131,"flow_src_last_pkt_time":287321260,"flow_dst_last_pkt_time":124181723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49732,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00877{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":12513795,"flow_src_last_pkt_time":14765980,"flow_dst_last_pkt_time":12513795,"flow_idle_time":620000000,"flow_src_min_l4_payload_len":16,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":200,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.22","l4_proto":2,"flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"IGMP","proto_id":"82","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01043{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":16487243,"flow_src_last_pkt_time":192636357,"flow_dst_last_pkt_time":16487243,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":603,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":71541038,"flow_src_last_pkt_time":312957021,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.100","src_port":28681,"dst_port":46385,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":124090730,"flow_src_last_pkt_time":287316477,"flow_dst_last_pkt_time":287421199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":28681,"dst_port":6778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":124090730,"flow_src_last_pkt_time":287316477,"flow_dst_last_pkt_time":287421199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":28681,"dst_port":6778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":71540885,"flow_src_last_pkt_time":311751911,"flow_dst_last_pkt_time":71540885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.120.243.143","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":98,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":71536330,"flow_src_last_pkt_time":243620132,"flow_dst_last_pkt_time":243855304,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":76,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.222.14.170","src_port":28681,"dst_port":23332,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":71540138,"flow_src_last_pkt_time":312957227,"flow_dst_last_pkt_time":71540138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.65.141.157","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":116628965,"flow_src_last_pkt_time":287381237,"flow_dst_last_pkt_time":287357971,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":592,"flow_dst_tot_l4_payload_len":2531,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":116628965,"flow_src_last_pkt_time":287381237,"flow_dst_last_pkt_time":287357971,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":592,"flow_dst_tot_l4_payload_len":2531,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":72853366,"flow_src_last_pkt_time":311751378,"flow_dst_last_pkt_time":72853366,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.226.142","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":72853723,"flow_src_last_pkt_time":312957301,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.97.199.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":368,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174343218,"flow_src_last_pkt_time":174343218,"flow_dst_last_pkt_time":174343218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":28681,"dst_port":36728,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":368,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174343218,"flow_src_last_pkt_time":174343218,"flow_dst_last_pkt_time":174343218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":28681,"dst_port":36728,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":126,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":72849569,"flow_src_last_pkt_time":311752090,"flow_dst_last_pkt_time":72849569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.69.159.133","src_port":28681,"dst_port":28000,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":363,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":168840831,"flow_src_last_pkt_time":174342629,"flow_dst_last_pkt_time":168840831,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":167,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":38297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":363,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":168840831,"flow_src_last_pkt_time":174342629,"flow_dst_last_pkt_time":168840831,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":167,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":38297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":136,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72852834,"flow_src_last_pkt_time":192908239,"flow_dst_last_pkt_time":72852834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.236.247.120","src_port":28681,"dst_port":16047,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70230046,"flow_src_last_pkt_time":312957127,"flow_dst_last_pkt_time":70230046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.138.20.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01020{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":362,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":168594778,"flow_src_last_pkt_time":176694790,"flow_dst_last_pkt_time":176963996,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":399,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.192.210.182","src_port":28681,"dst_port":6754,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01063{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":362,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":168594778,"flow_src_last_pkt_time":176694790,"flow_dst_last_pkt_time":176963996,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":399,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.192.210.182","src_port":28681,"dst_port":6754,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":72852642,"flow_src_last_pkt_time":311751727,"flow_dst_last_pkt_time":72852642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.250.99.158","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":124090360,"flow_src_last_pkt_time":287697560,"flow_dst_last_pkt_time":287890845,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.208.26.154","src_port":28681,"dst_port":4994,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":124090360,"flow_src_last_pkt_time":287697560,"flow_dst_last_pkt_time":287890845,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.208.26.154","src_port":28681,"dst_port":4994,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":369,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":219447137,"flow_src_last_pkt_time":219447137,"flow_dst_last_pkt_time":219447137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.187.171.240","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":125,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72849111,"flow_src_last_pkt_time":251742741,"flow_dst_last_pkt_time":72849111,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.92.178.182","src_port":28681,"dst_port":57302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":116,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":71540796,"flow_src_last_pkt_time":311750605,"flow_dst_last_pkt_time":71540796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.44.190.145","src_port":28681,"dst_port":10170,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00845{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":746,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":288409044,"flow_src_last_pkt_time":288409044,"flow_dst_last_pkt_time":288409044,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"164.132.10.25","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00888{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":746,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":288409044,"flow_src_last_pkt_time":288409044,"flow_dst_last_pkt_time":288409044,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"164.132.10.25","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":72852255,"flow_src_last_pkt_time":311750300,"flow_dst_last_pkt_time":72852255,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.175.220.161","src_port":28681,"dst_port":15721,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":124,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72848739,"flow_src_last_pkt_time":311749833,"flow_dst_last_pkt_time":72848739,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"170.254.19.6","src_port":28681,"dst_port":24180,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":130,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72851137,"flow_src_last_pkt_time":311751018,"flow_dst_last_pkt_time":72851137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.224.95.97","src_port":28681,"dst_port":46356,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":129,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72850779,"flow_src_last_pkt_time":251738105,"flow_dst_last_pkt_time":72850779,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.138.50.179","src_port":28681,"dst_port":29411,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01013{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":360,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":168428692,"flow_src_last_pkt_time":174303640,"flow_dst_last_pkt_time":168428692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":167,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"198.58.218.12","src_port":28681,"dst_port":47912,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01020{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":174303564,"flow_src_last_pkt_time":287488029,"flow_dst_last_pkt_time":287509796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":170,"flow_dst_tot_l4_payload_len":1040,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":28681,"dst_port":10825,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01056{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":360,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":168428692,"flow_src_last_pkt_time":174303640,"flow_dst_last_pkt_time":168428692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":167,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"198.58.218.12","src_port":28681,"dst_port":47912,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01063{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":174303564,"flow_src_last_pkt_time":287488029,"flow_dst_last_pkt_time":287509796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":170,"flow_dst_tot_l4_payload_len":1040,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":28681,"dst_port":10825,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72853009,"flow_src_last_pkt_time":253024867,"flow_dst_last_pkt_time":72853009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.65.70.197","src_port":28681,"dst_port":21693,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":71539473,"flow_src_last_pkt_time":311749055,"flow_dst_last_pkt_time":71539473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.169.2.153","src_port":28681,"dst_port":52414,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":72853538,"flow_src_last_pkt_time":312956056,"flow_dst_last_pkt_time":72853538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.197.111.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":108,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":71539248,"flow_src_last_pkt_time":251739950,"flow_dst_last_pkt_time":71539248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.242.110","src_port":28681,"dst_port":7922,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01013{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":123912731,"flow_src_last_pkt_time":287321365,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":54130,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01056{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":123912731,"flow_src_last_pkt_time":287321365,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":54130,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71540385,"flow_src_last_pkt_time":253024371,"flow_dst_last_pkt_time":71540385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"105.101.132.146","src_port":28681,"dst_port":57746,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70230689,"flow_src_last_pkt_time":312955935,"flow_dst_last_pkt_time":70230689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.131.85.245","src_port":28681,"dst_port":31743,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":174342792,"flow_src_last_pkt_time":287510770,"flow_dst_last_pkt_time":174648242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":114,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":28681,"dst_port":49956,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":174342792,"flow_src_last_pkt_time":287510770,"flow_dst_last_pkt_time":174648242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":114,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":28681,"dst_port":49956,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5096,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72853189,"flow_src_last_pkt_time":311751275,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":323187340,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"167.114.170.156","src_port":28681,"dst_port":23844,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01010{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5204,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89967108,"flow_src_last_pkt_time":152618863,"flow_dst_last_pkt_time":89967108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":333448903,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.203.218.92","src_port":28681,"dst_port":56962,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01008{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5204,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89966123,"flow_src_last_pkt_time":152619228,"flow_dst_last_pkt_time":89966123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":333448903,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.218","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5204,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89967108,"flow_src_last_pkt_time":152618863,"flow_dst_last_pkt_time":89967108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":333448903,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.203.218.92","src_port":28681,"dst_port":56962,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01051{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5204,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89966123,"flow_src_last_pkt_time":152619228,"flow_dst_last_pkt_time":89966123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":333448903,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.218","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5204,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":577,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287425184,"flow_src_last_pkt_time":287425184,"flow_dst_last_pkt_time":287425184,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":333448903,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.148.100.237","src_port":28681,"dst_port":23459,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5204,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":586,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287428629,"flow_src_last_pkt_time":287428629,"flow_dst_last_pkt_time":287428629,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":333448903,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.124.66.33","src_port":28681,"dst_port":13060,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5204,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":619,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287484830,"flow_src_last_pkt_time":287484830,"flow_dst_last_pkt_time":287484830,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":333448903,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.172.184.48","src_port":28681,"dst_port":13281,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -3623,7 +3623,7 @@ 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5204,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":82059658,"flow_src_last_pkt_time":311751135,"flow_dst_last_pkt_time":82059658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":333448903,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.59.253.186","src_port":28681,"dst_port":15555,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5204,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":183,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82062320,"flow_src_last_pkt_time":251737467,"flow_dst_last_pkt_time":82062320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":333448903,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.15.182","src_port":28681,"dst_port":37829,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5204,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":184,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82062444,"flow_src_last_pkt_time":312955554,"flow_dst_last_pkt_time":82062444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":333448903,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.239.62.213","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00881{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5204,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":493,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":280014541,"flow_src_last_pkt_time":283055110,"flow_dst_last_pkt_time":280014541,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":333448903,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57552,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00924{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5204,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":493,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":280014541,"flow_src_last_pkt_time":283055110,"flow_dst_last_pkt_time":280014541,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":333448903,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57552,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5204,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":603,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287442897,"flow_src_last_pkt_time":287442897,"flow_dst_last_pkt_time":287442897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":333448903,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.36.249.91","src_port":28681,"dst_port":64577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5204,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":622,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287485837,"flow_src_last_pkt_time":287485837,"flow_dst_last_pkt_time":287485837,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":333448903,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":28681,"dst_port":3227,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5204,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":647,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287511462,"flow_src_last_pkt_time":287511462,"flow_dst_last_pkt_time":287511462,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":333448903,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.10.152","src_port":28681,"dst_port":21293,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -3888,78 +3888,78 @@ 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5204,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":565,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287385136,"flow_src_last_pkt_time":287385136,"flow_dst_last_pkt_time":287385136,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":333448903,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.45.40.28","src_port":28681,"dst_port":2656,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5204,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":523,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287320671,"flow_src_last_pkt_time":287320671,"flow_dst_last_pkt_time":287724793,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":333448903,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.162.138.200","src_port":28681,"dst_port":24018,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5204,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":694,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287625031,"flow_src_last_pkt_time":287625031,"flow_dst_last_pkt_time":287625031,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":333448903,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.215.130.156","src_port":28681,"dst_port":12405,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01009{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":95216801,"flow_src_last_pkt_time":162802551,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.201.208.57","src_port":28681,"dst_port":38617,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01008{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90072633,"flow_src_last_pkt_time":163183918,"flow_dst_last_pkt_time":90072633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.26.216.95","src_port":28681,"dst_port":13889,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00879{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":359,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":160009075,"flow_src_last_pkt_time":163034860,"flow_dst_last_pkt_time":160009075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":51685,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -01010{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90039633,"flow_src_last_pkt_time":163151080,"flow_dst_last_pkt_time":90039633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":50297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01009{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90004820,"flow_src_last_pkt_time":163118762,"flow_dst_last_pkt_time":90004820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.140.120.41","src_port":28681,"dst_port":47739,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01052{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":95216801,"flow_src_last_pkt_time":162802551,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.201.208.57","src_port":28681,"dst_port":38617,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01051{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90072633,"flow_src_last_pkt_time":163183918,"flow_dst_last_pkt_time":90072633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.26.216.95","src_port":28681,"dst_port":13889,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00922{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":359,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":160009075,"flow_src_last_pkt_time":163034860,"flow_dst_last_pkt_time":160009075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":51685,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +01053{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90039633,"flow_src_last_pkt_time":163151080,"flow_dst_last_pkt_time":90039633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":50297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01052{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90004820,"flow_src_last_pkt_time":163118762,"flow_dst_last_pkt_time":90004820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.140.120.41","src_port":28681,"dst_port":47739,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":377,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243616097,"flow_src_last_pkt_time":287511110,"flow_dst_last_pkt_time":243616097,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"180.200.236.13","src_port":28681,"dst_port":12082,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":89829259,"flow_src_last_pkt_time":174145848,"flow_dst_last_pkt_time":174528829,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":556,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.84.178.16","src_port":28681,"dst_port":60262,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":95264476,"flow_src_last_pkt_time":175759013,"flow_dst_last_pkt_time":176255145,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.220.186.140","src_port":28681,"dst_port":27641,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":89829259,"flow_src_last_pkt_time":174145848,"flow_dst_last_pkt_time":174528829,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":556,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.84.178.16","src_port":28681,"dst_port":60262,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":95264476,"flow_src_last_pkt_time":175759013,"flow_dst_last_pkt_time":176255145,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.220.186.140","src_port":28681,"dst_port":27641,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":394,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243619784,"flow_src_last_pkt_time":287427833,"flow_dst_last_pkt_time":287621392,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.84.134.136","src_port":28681,"dst_port":21407,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":90005361,"flow_src_last_pkt_time":287321463,"flow_dst_last_pkt_time":287355218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":726,"flow_dst_tot_l4_payload_len":4067,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":90005361,"flow_src_last_pkt_time":287321463,"flow_dst_last_pkt_time":287355218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":726,"flow_dst_tot_l4_payload_len":4067,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":398,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620353,"flow_src_last_pkt_time":243620353,"flow_dst_last_pkt_time":243620353,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"62.102.148.166","src_port":28681,"dst_port":31332,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":381,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616903,"flow_src_last_pkt_time":287526058,"flow_dst_last_pkt_time":287598509,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.58.211.52","src_port":28681,"dst_port":3806,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":386,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243618410,"flow_src_last_pkt_time":287682903,"flow_dst_last_pkt_time":243618410,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.172.10.90","src_port":28681,"dst_port":40162,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":95443212,"flow_src_last_pkt_time":176333600,"flow_dst_last_pkt_time":176562520,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.240.69.199","src_port":28681,"dst_port":6348,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":95443212,"flow_src_last_pkt_time":176333600,"flow_dst_last_pkt_time":176562520,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.240.69.199","src_port":28681,"dst_port":6348,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":306,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":93714209,"flow_src_last_pkt_time":253026052,"flow_dst_last_pkt_time":93714209,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.249.63.200","src_port":28681,"dst_port":22582,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":392,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619573,"flow_src_last_pkt_time":243619573,"flow_dst_last_pkt_time":243619573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.0.69.215","src_port":28681,"dst_port":12608,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90184128,"flow_src_last_pkt_time":287700104,"flow_dst_last_pkt_time":288014846,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3215,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90184128,"flow_src_last_pkt_time":287700104,"flow_dst_last_pkt_time":288014846,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3215,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00741{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":304,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90880863,"flow_src_last_pkt_time":251768782,"flow_dst_last_pkt_time":251799257,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":755,"flow_dst_tot_l4_payload_len":4350,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.32.126.214","src_port":28681,"dst_port":59596,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":389,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619099,"flow_src_last_pkt_time":243619099,"flow_dst_last_pkt_time":243619099,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.215.183.71","src_port":28681,"dst_port":31310,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":747,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":289961626,"flow_src_last_pkt_time":289961626,"flow_dst_last_pkt_time":290166113,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":88941886,"flow_src_last_pkt_time":179376876,"flow_dst_last_pkt_time":88941886,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":511,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":28681,"dst_port":52367,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90073006,"flow_src_last_pkt_time":287483764,"flow_dst_last_pkt_time":287523854,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3207,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":95264285,"flow_src_last_pkt_time":179735999,"flow_dst_last_pkt_time":95264285,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":40137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01020{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":8,"flow_first_seen":90072798,"flow_src_last_pkt_time":320293489,"flow_dst_last_pkt_time":287667256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":779,"flow_dst_tot_l4_payload_len":4554,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90073006,"flow_src_last_pkt_time":287483764,"flow_dst_last_pkt_time":287523854,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3207,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":95264285,"flow_src_last_pkt_time":179735999,"flow_dst_last_pkt_time":95264285,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":40137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01063{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":8,"flow_first_seen":90072798,"flow_src_last_pkt_time":320293489,"flow_dst_last_pkt_time":287667256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":779,"flow_dst_tot_l4_payload_len":4554,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":385,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243618045,"flow_src_last_pkt_time":243618045,"flow_dst_last_pkt_time":243618045,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.223.143.31","src_port":28681,"dst_port":47978,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":89966706,"flow_src_last_pkt_time":287382161,"flow_dst_last_pkt_time":287418265,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":726,"flow_dst_tot_l4_payload_len":4072,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":89966706,"flow_src_last_pkt_time":287382161,"flow_dst_last_pkt_time":287418265,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":726,"flow_dst_tot_l4_payload_len":4072,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":384,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243617811,"flow_src_last_pkt_time":287381889,"flow_dst_last_pkt_time":288007245,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.64.6.175","src_port":28681,"dst_port":4743,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00738{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":378,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616362,"flow_src_last_pkt_time":287426947,"flow_dst_last_pkt_time":287785960,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":110,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.241.204.61","src_port":28681,"dst_port":43366,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":375,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243615643,"flow_src_last_pkt_time":287318910,"flow_dst_last_pkt_time":243615643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.182.136.42","src_port":28681,"dst_port":27873,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":287497328,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":271,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":287497328,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":271,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":399,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620457,"flow_src_last_pkt_time":243620457,"flow_dst_last_pkt_time":243620457,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.39.219.223","src_port":28681,"dst_port":31728,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":356,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":139506262,"flow_src_last_pkt_time":176963996,"flow_dst_last_pkt_time":177166012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":394,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"63.228.175.169","src_port":28681,"dst_port":1936,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":139506098,"flow_src_last_pkt_time":168391152,"flow_dst_last_pkt_time":168554777,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.118.53.212","src_port":28681,"dst_port":29998,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":356,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":139506262,"flow_src_last_pkt_time":176963996,"flow_dst_last_pkt_time":177166012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":394,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"63.228.175.169","src_port":28681,"dst_port":1936,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":139506098,"flow_src_last_pkt_time":168391152,"flow_dst_last_pkt_time":168554777,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.118.53.212","src_port":28681,"dst_port":29998,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":388,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243618881,"flow_src_last_pkt_time":287524310,"flow_dst_last_pkt_time":243618881,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"121.7.145.36","src_port":28681,"dst_port":33905,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00740{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":303,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90871417,"flow_src_last_pkt_time":251739691,"flow_dst_last_pkt_time":251762907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":170,"flow_dst_tot_l4_payload_len":1077,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":28681,"dst_port":30566,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":89829104,"flow_src_last_pkt_time":287443257,"flow_dst_last_pkt_time":174144907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":584,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":89829104,"flow_src_last_pkt_time":287443257,"flow_dst_last_pkt_time":174144907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":584,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":748,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":289962007,"flow_src_last_pkt_time":289962007,"flow_dst_last_pkt_time":289962007,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.163","src_port":28681,"dst_port":6599,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":395,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619924,"flow_src_last_pkt_time":243619924,"flow_dst_last_pkt_time":243619924,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"191.114.88.39","src_port":28681,"dst_port":18751,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00738{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":301,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90845230,"flow_src_last_pkt_time":174303687,"flow_dst_last_pkt_time":174321070,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":146,"flow_dst_tot_l4_payload_len":855,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":28681,"dst_port":11852,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":95784399,"flow_src_last_pkt_time":287465597,"flow_dst_last_pkt_time":287572441,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":2511,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":95784399,"flow_src_last_pkt_time":287465597,"flow_dst_last_pkt_time":287572441,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":2511,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":376,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243615848,"flow_src_last_pkt_time":287381383,"flow_dst_last_pkt_time":287944648,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":73,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":119,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"156.57.42.2","src_port":28681,"dst_port":33476,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90138188,"flow_src_last_pkt_time":287318627,"flow_dst_last_pkt_time":287634909,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3364,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90138188,"flow_src_last_pkt_time":287318627,"flow_dst_last_pkt_time":287634909,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3364,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00742{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":243,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":9,"flow_first_seen":89016303,"flow_src_last_pkt_time":176563028,"flow_dst_last_pkt_time":176659064,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":824,"flow_dst_tot_l4_payload_len":3953,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95716693,"flow_src_last_pkt_time":287380885,"flow_dst_last_pkt_time":287440521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1755,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95716693,"flow_src_last_pkt_time":287380885,"flow_dst_last_pkt_time":287440521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1755,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":387,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243618625,"flow_src_last_pkt_time":243618625,"flow_dst_last_pkt_time":243618625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.135.8.7","src_port":28681,"dst_port":1219,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00740{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":302,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90864578,"flow_src_last_pkt_time":287313728,"flow_dst_last_pkt_time":287337870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":1077,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":28681,"dst_port":53489,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90039406,"flow_src_last_pkt_time":287381612,"flow_dst_last_pkt_time":287415538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":807,"flow_dst_tot_l4_payload_len":4817,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":287526703,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":271,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90039406,"flow_src_last_pkt_time":287381612,"flow_dst_last_pkt_time":287415538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":807,"flow_dst_tot_l4_payload_len":4817,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":287526703,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":271,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":380,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616746,"flow_src_last_pkt_time":287422960,"flow_dst_last_pkt_time":287697244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.86.49.195","src_port":28681,"dst_port":12019,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":383,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":243617373,"flow_src_last_pkt_time":243617373,"flow_dst_last_pkt_time":243755535,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.71.243.60","src_port":28681,"dst_port":34498,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90138798,"flow_src_last_pkt_time":174723421,"flow_dst_last_pkt_time":90138798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.217.176.52","src_port":28681,"dst_port":7446,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90005045,"flow_src_last_pkt_time":287553240,"flow_dst_last_pkt_time":287678696,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":807,"flow_dst_tot_l4_payload_len":4798,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90138798,"flow_src_last_pkt_time":174723421,"flow_dst_last_pkt_time":90138798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.217.176.52","src_port":28681,"dst_port":7446,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90005045,"flow_src_last_pkt_time":287553240,"flow_dst_last_pkt_time":287678696,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":807,"flow_dst_tot_l4_payload_len":4798,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":390,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619335,"flow_src_last_pkt_time":243619335,"flow_dst_last_pkt_time":243619335,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"144.134.132.206","src_port":28681,"dst_port":16401,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":391,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619466,"flow_src_last_pkt_time":243619466,"flow_dst_last_pkt_time":243619466,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"161.81.38.67","src_port":28681,"dst_port":9539,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":95784128,"flow_src_last_pkt_time":287510470,"flow_dst_last_pkt_time":287857497,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":2512,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90138420,"flow_src_last_pkt_time":287441093,"flow_dst_last_pkt_time":287483363,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3345,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":95784128,"flow_src_last_pkt_time":287510470,"flow_dst_last_pkt_time":287857497,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":2512,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90138420,"flow_src_last_pkt_time":287441093,"flow_dst_last_pkt_time":287483363,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3345,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":393,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243619673,"flow_src_last_pkt_time":287426068,"flow_dst_last_pkt_time":243619673,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.115.158.103","src_port":28681,"dst_port":5110,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":382,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243617142,"flow_src_last_pkt_time":287443836,"flow_dst_last_pkt_time":287618162,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.175.11.126","src_port":28681,"dst_port":40958,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":397,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620225,"flow_src_last_pkt_time":243620225,"flow_dst_last_pkt_time":243620225,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":24634,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01010{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90183929,"flow_src_last_pkt_time":174679514,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":11603,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90183929,"flow_src_last_pkt_time":174679514,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":11603,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":379,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616544,"flow_src_last_pkt_time":287587254,"flow_dst_last_pkt_time":288106579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.140.63.147","src_port":28681,"dst_port":29545,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":396,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620034,"flow_src_last_pkt_time":243620034,"flow_dst_last_pkt_time":243620034,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.59.24","src_port":28681,"dst_port":28755,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01014{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":95716226,"flow_src_last_pkt_time":243617528,"flow_dst_last_pkt_time":243760248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01057{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5304,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":95716226,"flow_src_last_pkt_time":243617528,"flow_dst_last_pkt_time":243760248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":343454896,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5372,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":383,"flow_packet_id":3,"flow_src_last_pkt_time":350801765,"flow_dst_last_pkt_time":243755535,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":98,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":98,"pkt_l4_len":64,"thread_ts_usec":350801765,"pkt":"UlQAEjUCCAAn5uVZCABFAABUUWcAAIARlZ8KAAIPVEfzPHAJhsIAQN+fXS\/iNTECAGQaxPLpTglwD4ABACEAAAD5AHBpbmtmbG95ZADDAlFLRO45aqEDU0NQQAFaQIJQUkA="} 00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5381,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":573,"flow_packet_id":2,"flow_src_last_pkt_time":350982053,"flow_dst_last_pkt_time":287424215,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":350982053,"pkt":"UlQAEjUCCAAn5uVZCABFAAA49UMAAIARRGEKAAIPR++tEnAJWx8AJJ\/UjSsxAo9FSZH\/5RaddLKjAwABAAUAAADDglFLQA=="} 00540{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5386,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":573,"flow_packet_id":3,"flow_src_last_pkt_time":350982053,"flow_dst_last_pkt_time":351110333,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":88,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":88,"pkt_l4_len":54,"thread_ts_usec":351110333,"pkt":"CAAn5uVZUlQAEjUCCABFAABKDVAAAEARbENH760SCgACD1sfcAkANlLBjSsxAo9FSZH\/5RaddLKjAwEBABcAAAAfW0fvrRIAAAAACAAAAMOCUUtEmW5VTg=="} -01017{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":139506098,"flow_src_last_pkt_time":168391152,"flow_dst_last_pkt_time":168554777,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.118.53.212","src_port":28681,"dst_port":29998,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01013{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":101122636,"flow_src_last_pkt_time":168321077,"flow_dst_last_pkt_time":168840075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":324,"flow_dst_tot_l4_payload_len":2413,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.64.44.11","src_port":28681,"dst_port":1352,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":139506098,"flow_src_last_pkt_time":168391152,"flow_dst_last_pkt_time":168554777,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.118.53.212","src_port":28681,"dst_port":29998,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01056{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":101122636,"flow_src_last_pkt_time":168321077,"flow_dst_last_pkt_time":168840075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":324,"flow_dst_tot_l4_payload_len":2413,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.64.44.11","src_port":28681,"dst_port":1352,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":433,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743232,"flow_src_last_pkt_time":251743232,"flow_dst_last_pkt_time":251743232,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.255.145.191","src_port":28681,"dst_port":47264,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":404,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739244,"flow_src_last_pkt_time":251739244,"flow_dst_last_pkt_time":251739244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.234.216.251","src_port":28681,"dst_port":17845,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":441,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251763326,"flow_src_last_pkt_time":287316376,"flow_dst_last_pkt_time":251763326,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.199.108","src_port":28681,"dst_port":56040,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":101162745,"flow_src_last_pkt_time":287624798,"flow_dst_last_pkt_time":177309077,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":584,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":101162745,"flow_src_last_pkt_time":287624798,"flow_dst_last_pkt_time":177309077,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":584,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00738{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":450,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251765454,"flow_src_last_pkt_time":287317165,"flow_dst_last_pkt_time":287535563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.206.254","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":426,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742442,"flow_src_last_pkt_time":251742442,"flow_dst_last_pkt_time":251742442,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.71.44.121","src_port":28681,"dst_port":14398,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":411,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740552,"flow_src_last_pkt_time":251740552,"flow_dst_last_pkt_time":251740552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.143.28.64","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -3974,7 +3974,7 @@ 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":478,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251801401,"flow_src_last_pkt_time":287319958,"flow_dst_last_pkt_time":251801401,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.235.85.44","src_port":28681,"dst_port":64914,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":449,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251765085,"flow_src_last_pkt_time":287317080,"flow_dst_last_pkt_time":251765085,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":28681,"dst_port":8826,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":461,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767577,"flow_src_last_pkt_time":287318236,"flow_dst_last_pkt_time":251767577,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.27.193.124","src_port":28681,"dst_port":50555,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":2,"flow_first_seen":101837355,"flow_src_last_pkt_time":287806064,"flow_dst_last_pkt_time":289958480,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":120,"flow_src_tot_l4_payload_len":274,"flow_dst_tot_l4_payload_len":208,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":2,"flow_first_seen":101837355,"flow_src_last_pkt_time":287806064,"flow_dst_last_pkt_time":289958480,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":120,"flow_src_tot_l4_payload_len":274,"flow_dst_tot_l4_payload_len":208,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":472,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800408,"flow_src_last_pkt_time":287319339,"flow_dst_last_pkt_time":251800408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":45744,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":471,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800203,"flow_src_last_pkt_time":287319240,"flow_dst_last_pkt_time":251800203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":43457,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":481,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251802309,"flow_src_last_pkt_time":251802309,"flow_dst_last_pkt_time":251802309,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.120.219.74","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -4003,7 +4003,7 @@ 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":401,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251735839,"flow_src_last_pkt_time":251735839,"flow_dst_last_pkt_time":251735839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.178.192.76","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":484,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":253024623,"flow_src_last_pkt_time":253024623,"flow_dst_last_pkt_time":253024623,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"107.4.56.177","src_port":28681,"dst_port":10000,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":406,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739607,"flow_src_last_pkt_time":251739607,"flow_dst_last_pkt_time":251739607,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.27.3.68","src_port":28681,"dst_port":57380,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95893685,"flow_src_last_pkt_time":287318509,"flow_dst_last_pkt_time":287340787,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1668,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95893685,"flow_src_last_pkt_time":287318509,"flow_dst_last_pkt_time":287340787,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1668,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":469,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251799823,"flow_src_last_pkt_time":287319016,"flow_dst_last_pkt_time":251799823,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":47184,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":467,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":251769032,"flow_src_last_pkt_time":251769032,"flow_dst_last_pkt_time":252632878,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":327,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":327,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.64.177.53","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":431,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743039,"flow_src_last_pkt_time":251743039,"flow_dst_last_pkt_time":251743039,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.124.71.246","src_port":28681,"dst_port":49035,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -4014,8 +4014,8 @@ 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":485,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":253025155,"flow_src_last_pkt_time":311751466,"flow_dst_last_pkt_time":253025155,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.209","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":427,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742554,"flow_src_last_pkt_time":251742554,"flow_dst_last_pkt_time":251742554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.249.13.30","src_port":28681,"dst_port":15138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":405,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739411,"flow_src_last_pkt_time":251739411,"flow_dst_last_pkt_time":251739411,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.155.31.118","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00845{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":746,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":288409044,"flow_src_last_pkt_time":288409044,"flow_dst_last_pkt_time":288409044,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"164.132.10.25","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95893239,"flow_src_last_pkt_time":287522940,"flow_dst_last_pkt_time":287579763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1785,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00888{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":746,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":288409044,"flow_src_last_pkt_time":288409044,"flow_dst_last_pkt_time":288409044,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"164.132.10.25","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95893239,"flow_src_last_pkt_time":287522940,"flow_dst_last_pkt_time":287579763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1785,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":415,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741302,"flow_src_last_pkt_time":251741302,"flow_dst_last_pkt_time":251741302,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.247.160.96","src_port":28681,"dst_port":17817,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":458,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767115,"flow_src_last_pkt_time":287317920,"flow_dst_last_pkt_time":251767115,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.165.228.167","src_port":28681,"dst_port":12201,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":486,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":253025433,"flow_src_last_pkt_time":312955333,"flow_dst_last_pkt_time":253025433,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.68.45.203","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -4050,25 +4050,25 @@ 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5408,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":442,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251763431,"flow_src_last_pkt_time":287316451,"flow_dst_last_pkt_time":251763431,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":353404140,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.204.130.55","src_port":28681,"dst_port":29545,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":5426,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":754,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":355387386,"flow_src_last_pkt_time":355387386,"flow_dst_last_pkt_time":355387386,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":355387386,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.125.218.84","src_port":28681,"dst_port":17561,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00528{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5426,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":754,"flow_packet_id":1,"flow_src_last_pkt_time":355387386,"flow_dst_last_pkt_time":355387386,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":81,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":81,"pkt_l4_len":47,"thread_ts_usec":355387386,"pkt":"UlQAEjUCCAAn5uVZCABFAABDeM0AAIARhvwKAAIPVH3aVHAJRJkAL52kWv4xAksIMkL\/WuRk66hXAwABABAAAADDA1NDUEECglZDRUdUS0di"} -01016{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":89829259,"flow_src_last_pkt_time":174145848,"flow_dst_last_pkt_time":174528829,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":556,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.84.178.16","src_port":28681,"dst_port":60262,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01008{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":366,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322734,"flow_src_last_pkt_time":174322734,"flow_dst_last_pkt_time":174322734,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.8.55.158","src_port":28681,"dst_port":51140,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01017{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":95264476,"flow_src_last_pkt_time":175759013,"flow_dst_last_pkt_time":176255145,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.220.186.140","src_port":28681,"dst_port":27641,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":365,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322199,"flow_src_last_pkt_time":174322199,"flow_dst_last_pkt_time":174322199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.23.24.213","src_port":28681,"dst_port":18561,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01016{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":95443212,"flow_src_last_pkt_time":176333600,"flow_dst_last_pkt_time":176562520,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.240.69.199","src_port":28681,"dst_port":6348,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":88941886,"flow_src_last_pkt_time":179376876,"flow_dst_last_pkt_time":88941886,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":511,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":28681,"dst_port":52367,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01059{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":89829259,"flow_src_last_pkt_time":174145848,"flow_dst_last_pkt_time":174528829,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":556,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.84.178.16","src_port":28681,"dst_port":60262,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01051{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":366,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322734,"flow_src_last_pkt_time":174322734,"flow_dst_last_pkt_time":174322734,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.8.55.158","src_port":28681,"dst_port":51140,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":95264476,"flow_src_last_pkt_time":175759013,"flow_dst_last_pkt_time":176255145,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.220.186.140","src_port":28681,"dst_port":27641,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":365,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322199,"flow_src_last_pkt_time":174322199,"flow_dst_last_pkt_time":174322199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.23.24.213","src_port":28681,"dst_port":18561,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":95443212,"flow_src_last_pkt_time":176333600,"flow_dst_last_pkt_time":176562520,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.240.69.199","src_port":28681,"dst_port":6348,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":88941886,"flow_src_last_pkt_time":179376876,"flow_dst_last_pkt_time":88941886,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":511,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":28681,"dst_port":52367,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":88941886,"flow_src_last_pkt_time":179376876,"flow_dst_last_pkt_time":88941886,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":511,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":28681,"dst_port":52367,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01008{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":95264285,"flow_src_last_pkt_time":179735999,"flow_dst_last_pkt_time":95264285,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":40137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01009{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":368,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174343218,"flow_src_last_pkt_time":174343218,"flow_dst_last_pkt_time":174343218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":28681,"dst_port":36728,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01010{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":363,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":168840831,"flow_src_last_pkt_time":174342629,"flow_dst_last_pkt_time":168840831,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":167,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":38297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":362,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":168594778,"flow_src_last_pkt_time":176694790,"flow_dst_last_pkt_time":176963996,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":399,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.192.210.182","src_port":28681,"dst_port":6754,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01017{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":356,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":139506262,"flow_src_last_pkt_time":176963996,"flow_dst_last_pkt_time":177166012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":394,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"63.228.175.169","src_port":28681,"dst_port":1936,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00780{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":301,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90845230,"flow_src_last_pkt_time":174303687,"flow_dst_last_pkt_time":174321070,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":146,"flow_dst_tot_l4_payload_len":855,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":28681,"dst_port":11852,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01051{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":95264285,"flow_src_last_pkt_time":179735999,"flow_dst_last_pkt_time":95264285,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":40137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01052{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":368,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174343218,"flow_src_last_pkt_time":174343218,"flow_dst_last_pkt_time":174343218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":28681,"dst_port":36728,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01053{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":363,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":168840831,"flow_src_last_pkt_time":174342629,"flow_dst_last_pkt_time":168840831,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":167,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":38297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":362,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":168594778,"flow_src_last_pkt_time":176694790,"flow_dst_last_pkt_time":176963996,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":399,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.192.210.182","src_port":28681,"dst_port":6754,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":356,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":139506262,"flow_src_last_pkt_time":176963996,"flow_dst_last_pkt_time":177166012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":394,"flow_dst_tot_l4_payload_len":1560,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"63.228.175.169","src_port":28681,"dst_port":1936,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00823{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":301,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90845230,"flow_src_last_pkt_time":174303687,"flow_dst_last_pkt_time":174321070,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":146,"flow_dst_tot_l4_payload_len":855,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":28681,"dst_port":11852,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00736{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":301,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90845230,"flow_src_last_pkt_time":174303687,"flow_dst_last_pkt_time":174321070,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":146,"flow_dst_tot_l4_payload_len":855,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":28681,"dst_port":11852,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00784{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":243,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":9,"flow_first_seen":89016303,"flow_src_last_pkt_time":176563028,"flow_dst_last_pkt_time":176659064,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":824,"flow_dst_tot_l4_payload_len":3953,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00827{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":243,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":9,"flow_first_seen":89016303,"flow_src_last_pkt_time":176563028,"flow_dst_last_pkt_time":176659064,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":824,"flow_dst_tot_l4_payload_len":3953,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00740{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":243,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":9,"flow_first_seen":89016303,"flow_src_last_pkt_time":176563028,"flow_dst_last_pkt_time":176659064,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":824,"flow_dst_tot_l4_payload_len":3953,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01011{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":360,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":168428692,"flow_src_last_pkt_time":174303640,"flow_dst_last_pkt_time":168428692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":167,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"198.58.218.12","src_port":28681,"dst_port":47912,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01008{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90138798,"flow_src_last_pkt_time":174723421,"flow_dst_last_pkt_time":90138798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.217.176.52","src_port":28681,"dst_port":7446,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01008{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90183929,"flow_src_last_pkt_time":174679514,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":11603,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":360,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":168428692,"flow_src_last_pkt_time":174303640,"flow_dst_last_pkt_time":168428692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":167,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"198.58.218.12","src_port":28681,"dst_port":47912,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01051{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90138798,"flow_src_last_pkt_time":174723421,"flow_dst_last_pkt_time":90138798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.217.176.52","src_port":28681,"dst_port":7446,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01051{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90183929,"flow_src_last_pkt_time":174679514,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":329,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":11603,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":751,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312956911,"flow_src_last_pkt_time":312956911,"flow_dst_last_pkt_time":312956911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00739{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":335,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":115369554,"flow_src_last_pkt_time":287313555,"flow_dst_last_pkt_time":287650021,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":78,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":265,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":37058,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5501,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":749,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312956203,"flow_src_last_pkt_time":312956203,"flow_dst_last_pkt_time":312956203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":363239168,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.8.59.80","src_port":28681,"dst_port":35192,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -4093,29 +4093,29 @@ 00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5636,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":751,"flow_packet_id":2,"flow_src_last_pkt_time":373497620,"flow_dst_last_pkt_time":312956911,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":373497620,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0mm0AAIARSEgKAAIPQ8EINHAJlrgAID9hR05EEEAYAQFUC1FLUlAGUk5BXS\/iNQlw"} 00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5639,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":752,"flow_packet_id":2,"flow_src_last_pkt_time":373498112,"flow_dst_last_pkt_time":312957456,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":373498112,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0D1EAAIARtk0KAAIPjnPamHAJFwwAIKHzR05EEEAbAQFUC1FLUlAGUk5BXS\/iNQlw"} 00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5640,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":485,"flow_packet_id":3,"flow_src_last_pkt_time":373498204,"flow_dst_last_pkt_time":253025155,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":373498204,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0fvoAAIAR6tsKAAIPmgMq0XAJGMoAIERsR05EEEAcAQFUC1FLUlAGUk5BXS\/iNQlw"} -00998{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":16487243,"flow_src_last_pkt_time":192636357,"flow_dst_last_pkt_time":16487243,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":603,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":136,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72852834,"flow_src_last_pkt_time":192908239,"flow_dst_last_pkt_time":72852834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.236.247.120","src_port":28681,"dst_port":16047,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01041{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":20,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":16487243,"flow_src_last_pkt_time":192636357,"flow_dst_last_pkt_time":16487243,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":603,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":136,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72852834,"flow_src_last_pkt_time":192908239,"flow_dst_last_pkt_time":72852834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.236.247.120","src_port":28681,"dst_port":16047,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":136,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72852834,"flow_src_last_pkt_time":192908239,"flow_dst_last_pkt_time":72852834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.236.247.120","src_port":28681,"dst_port":16047,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":173,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82060665,"flow_src_last_pkt_time":192907653,"flow_dst_last_pkt_time":82060665,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"121.99.222.36","src_port":28681,"dst_port":44988,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":173,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82060665,"flow_src_last_pkt_time":192907653,"flow_dst_last_pkt_time":82060665,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"121.99.222.36","src_port":28681,"dst_port":44988,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":173,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82060665,"flow_src_last_pkt_time":192907653,"flow_dst_last_pkt_time":82060665,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"121.99.222.36","src_port":28681,"dst_port":44988,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":168555545,"flow_src_last_pkt_time":287428135,"flow_dst_last_pkt_time":287464674,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":483,"flow_dst_tot_l4_payload_len":1891,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":28681,"dst_port":9915,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":168555545,"flow_src_last_pkt_time":287428135,"flow_dst_last_pkt_time":287464674,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":483,"flow_dst_tot_l4_payload_len":1891,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":28681,"dst_port":9915,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72852470,"flow_src_last_pkt_time":312957614,"flow_dst_last_pkt_time":72852470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":72850420,"flow_src_last_pkt_time":371837257,"flow_dst_last_pkt_time":72850420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.141.219.27","src_port":28681,"dst_port":37580,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":71540581,"flow_src_last_pkt_time":373498296,"flow_dst_last_pkt_time":71540581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.23.75.69","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00728{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":88,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70230940,"flow_src_last_pkt_time":311752229,"flow_dst_last_pkt_time":70230940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.50.24.2","src_port":28681,"dst_port":17874,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":124066131,"flow_src_last_pkt_time":287321260,"flow_dst_last_pkt_time":124181723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49732,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":124066131,"flow_src_last_pkt_time":287321260,"flow_dst_last_pkt_time":124181723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49732,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":71541038,"flow_src_last_pkt_time":373497746,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.100","src_port":28681,"dst_port":46385,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":124090730,"flow_src_last_pkt_time":287316477,"flow_dst_last_pkt_time":287421199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":28681,"dst_port":6778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":124090730,"flow_src_last_pkt_time":287316477,"flow_dst_last_pkt_time":287421199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":28681,"dst_port":6778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":71540885,"flow_src_last_pkt_time":371837471,"flow_dst_last_pkt_time":71540885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.120.243.143","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":98,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":2,"flow_first_seen":71536330,"flow_src_last_pkt_time":350798579,"flow_dst_last_pkt_time":351075803,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":104,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.222.14.170","src_port":28681,"dst_port":23332,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":71540138,"flow_src_last_pkt_time":371836228,"flow_dst_last_pkt_time":71540138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.65.141.157","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":116628965,"flow_src_last_pkt_time":287381237,"flow_dst_last_pkt_time":287357971,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":592,"flow_dst_tot_l4_payload_len":2531,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":116628965,"flow_src_last_pkt_time":287381237,"flow_dst_last_pkt_time":287357971,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":592,"flow_dst_tot_l4_payload_len":2531,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":72853366,"flow_src_last_pkt_time":371837958,"flow_dst_last_pkt_time":72853366,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.226.142","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":72853723,"flow_src_last_pkt_time":371837833,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.97.199.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":126,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":72849569,"flow_src_last_pkt_time":373498384,"flow_dst_last_pkt_time":72849569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.69.159.133","src_port":28681,"dst_port":28000,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":70230046,"flow_src_last_pkt_time":373497923,"flow_dst_last_pkt_time":70230046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.138.20.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":72852642,"flow_src_last_pkt_time":371837045,"flow_dst_last_pkt_time":72852642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.250.99.158","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":124090360,"flow_src_last_pkt_time":287697560,"flow_dst_last_pkt_time":287890845,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.208.26.154","src_port":28681,"dst_port":4994,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":124090360,"flow_src_last_pkt_time":287697560,"flow_dst_last_pkt_time":287890845,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.208.26.154","src_port":28681,"dst_port":4994,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":369,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":219447137,"flow_src_last_pkt_time":219447137,"flow_dst_last_pkt_time":219447137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.187.171.240","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":125,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72849111,"flow_src_last_pkt_time":251742741,"flow_dst_last_pkt_time":72849111,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.92.178.182","src_port":28681,"dst_port":57302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":116,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":71540796,"flow_src_last_pkt_time":371837366,"flow_dst_last_pkt_time":71540796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.44.190.145","src_port":28681,"dst_port":10170,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -4123,15 +4123,15 @@ 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":124,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72848739,"flow_src_last_pkt_time":311749833,"flow_dst_last_pkt_time":72848739,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"170.254.19.6","src_port":28681,"dst_port":24180,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":130,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72851137,"flow_src_last_pkt_time":373494338,"flow_dst_last_pkt_time":72851137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.224.95.97","src_port":28681,"dst_port":46356,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":129,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":72850779,"flow_src_last_pkt_time":371838692,"flow_dst_last_pkt_time":72850779,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.138.50.179","src_port":28681,"dst_port":29411,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01020{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":174303564,"flow_src_last_pkt_time":287488029,"flow_dst_last_pkt_time":287509796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":170,"flow_dst_tot_l4_payload_len":1040,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":28681,"dst_port":10825,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01063{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":174303564,"flow_src_last_pkt_time":287488029,"flow_dst_last_pkt_time":287509796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":170,"flow_dst_tot_l4_payload_len":1040,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":28681,"dst_port":10825,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72853009,"flow_src_last_pkt_time":253024867,"flow_dst_last_pkt_time":72853009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.65.70.197","src_port":28681,"dst_port":21693,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":71539473,"flow_src_last_pkt_time":371836386,"flow_dst_last_pkt_time":71539473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.169.2.153","src_port":28681,"dst_port":52414,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":72853538,"flow_src_last_pkt_time":373494490,"flow_dst_last_pkt_time":72853538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.197.111.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":108,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":71539248,"flow_src_last_pkt_time":251739950,"flow_dst_last_pkt_time":71539248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.242.110","src_port":28681,"dst_port":7922,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01013{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":123912731,"flow_src_last_pkt_time":287321365,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":54130,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01056{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":123912731,"flow_src_last_pkt_time":287321365,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":54130,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71540385,"flow_src_last_pkt_time":253024371,"flow_dst_last_pkt_time":71540385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"105.101.132.146","src_port":28681,"dst_port":57746,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":70230689,"flow_src_last_pkt_time":373496286,"flow_dst_last_pkt_time":70230689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.131.85.245","src_port":28681,"dst_port":31743,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":174342792,"flow_src_last_pkt_time":287510770,"flow_dst_last_pkt_time":174648242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":114,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":28681,"dst_port":49956,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":174342792,"flow_src_last_pkt_time":287510770,"flow_dst_last_pkt_time":174648242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":114,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":28681,"dst_port":49956,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5643,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":72853189,"flow_src_last_pkt_time":373494665,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":373498384,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"167.114.170.156","src_port":28681,"dst_port":23844,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5717,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":400,"flow_packet_id":2,"flow_src_last_pkt_time":381404139,"flow_dst_last_pkt_time":251734977,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":381404139,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0860AAIARiigKAAIPgS0vp3AJGMoAIFhpR05EEEAfAQFUC1FLUlAGUk5BXS\/iNQlw"} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5740,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":577,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287425184,"flow_src_last_pkt_time":287425184,"flow_dst_last_pkt_time":287425184,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":383726030,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.148.100.237","src_port":28681,"dst_port":23459,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -4153,7 +4153,7 @@ 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5740,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82059658,"flow_src_last_pkt_time":373494210,"flow_dst_last_pkt_time":82059658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":383726030,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.59.253.186","src_port":28681,"dst_port":15555,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5740,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":183,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":82062320,"flow_src_last_pkt_time":371837679,"flow_dst_last_pkt_time":82062320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":383726030,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.15.182","src_port":28681,"dst_port":37829,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5740,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":184,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":82062444,"flow_src_last_pkt_time":373495111,"flow_dst_last_pkt_time":82062444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":383726030,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.239.62.213","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00881{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5740,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":493,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":280014541,"flow_src_last_pkt_time":283055110,"flow_dst_last_pkt_time":280014541,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":383726030,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57552,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00924{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5740,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":493,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":280014541,"flow_src_last_pkt_time":283055110,"flow_dst_last_pkt_time":280014541,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":383726030,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57552,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5740,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":603,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287442897,"flow_src_last_pkt_time":287442897,"flow_dst_last_pkt_time":287442897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":383726030,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.36.249.91","src_port":28681,"dst_port":64577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5740,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":622,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287485837,"flow_src_last_pkt_time":287485837,"flow_dst_last_pkt_time":287485837,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":383726030,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":28681,"dst_port":3227,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5740,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":647,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287511462,"flow_src_last_pkt_time":287511462,"flow_dst_last_pkt_time":287511462,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":383726030,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.10.152","src_port":28681,"dst_port":21293,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -4310,7 +4310,7 @@ 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5740,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":579,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287426310,"flow_src_last_pkt_time":287426310,"flow_dst_last_pkt_time":287647245,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":383726030,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.170.108","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5740,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":678,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287619126,"flow_src_last_pkt_time":287619126,"flow_dst_last_pkt_time":287619126,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":383726030,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.83.5","src_port":28681,"dst_port":9128,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5740,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":707,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287652991,"flow_src_last_pkt_time":287652991,"flow_dst_last_pkt_time":287652991,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":383726030,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.200.235","src_port":28681,"dst_port":1968,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00845{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5740,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":746,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":288409044,"flow_src_last_pkt_time":288409044,"flow_dst_last_pkt_time":288409044,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":383726030,"l3_proto":"ip4","src_ip":"164.132.10.25","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00888{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5740,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":746,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":288409044,"flow_src_last_pkt_time":288409044,"flow_dst_last_pkt_time":288409044,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":383726030,"l3_proto":"ip4","src_ip":"164.132.10.25","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5740,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":554,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356242,"flow_src_last_pkt_time":320291740,"flow_dst_last_pkt_time":287356242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":383726030,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.203.72.224","src_port":28681,"dst_port":55577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5740,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":655,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287524531,"flow_src_last_pkt_time":287524531,"flow_dst_last_pkt_time":287524531,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":383726030,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.118.116.198","src_port":28681,"dst_port":44616,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5740,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":726,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287698136,"flow_src_last_pkt_time":287698136,"flow_dst_last_pkt_time":287698136,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":383726030,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.91.30.216","src_port":28681,"dst_port":61635,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -4420,70 +4420,70 @@ 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5740,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":694,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287625031,"flow_src_last_pkt_time":287625031,"flow_dst_last_pkt_time":287625031,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":383726030,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.215.130.156","src_port":28681,"dst_port":12405,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":377,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243616097,"flow_src_last_pkt_time":287511110,"flow_dst_last_pkt_time":243616097,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"180.200.236.13","src_port":28681,"dst_port":12082,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":394,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243619784,"flow_src_last_pkt_time":287427833,"flow_dst_last_pkt_time":287621392,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.84.134.136","src_port":28681,"dst_port":21407,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":90005361,"flow_src_last_pkt_time":287321463,"flow_dst_last_pkt_time":287355218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":726,"flow_dst_tot_l4_payload_len":4067,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":90005361,"flow_src_last_pkt_time":287321463,"flow_dst_last_pkt_time":287355218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":726,"flow_dst_tot_l4_payload_len":4067,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":398,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620353,"flow_src_last_pkt_time":243620353,"flow_dst_last_pkt_time":243620353,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"62.102.148.166","src_port":28681,"dst_port":31332,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":381,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616903,"flow_src_last_pkt_time":287526058,"flow_dst_last_pkt_time":287598509,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.58.211.52","src_port":28681,"dst_port":3806,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":386,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243618410,"flow_src_last_pkt_time":287682903,"flow_dst_last_pkt_time":243618410,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.172.10.90","src_port":28681,"dst_port":40162,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":306,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":93714209,"flow_src_last_pkt_time":253026052,"flow_dst_last_pkt_time":93714209,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.249.63.200","src_port":28681,"dst_port":22582,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":392,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619573,"flow_src_last_pkt_time":243619573,"flow_dst_last_pkt_time":243619573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.0.69.215","src_port":28681,"dst_port":12608,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90184128,"flow_src_last_pkt_time":287700104,"flow_dst_last_pkt_time":288014846,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3215,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90184128,"flow_src_last_pkt_time":287700104,"flow_dst_last_pkt_time":288014846,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3215,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00741{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":304,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90880863,"flow_src_last_pkt_time":251768782,"flow_dst_last_pkt_time":251799257,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":755,"flow_dst_tot_l4_payload_len":4350,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.32.126.214","src_port":28681,"dst_port":59596,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":389,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619099,"flow_src_last_pkt_time":243619099,"flow_dst_last_pkt_time":243619099,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.215.183.71","src_port":28681,"dst_port":31310,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":747,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":289961626,"flow_src_last_pkt_time":289961626,"flow_dst_last_pkt_time":290166113,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90073006,"flow_src_last_pkt_time":287483764,"flow_dst_last_pkt_time":287523854,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3207,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01020{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":8,"flow_first_seen":90072798,"flow_src_last_pkt_time":320293489,"flow_dst_last_pkt_time":287667256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":779,"flow_dst_tot_l4_payload_len":4554,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90073006,"flow_src_last_pkt_time":287483764,"flow_dst_last_pkt_time":287523854,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3207,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01063{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":8,"flow_first_seen":90072798,"flow_src_last_pkt_time":320293489,"flow_dst_last_pkt_time":287667256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":779,"flow_dst_tot_l4_payload_len":4554,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":385,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243618045,"flow_src_last_pkt_time":243618045,"flow_dst_last_pkt_time":243618045,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.223.143.31","src_port":28681,"dst_port":47978,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":89966706,"flow_src_last_pkt_time":287382161,"flow_dst_last_pkt_time":287418265,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":726,"flow_dst_tot_l4_payload_len":4072,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":89966706,"flow_src_last_pkt_time":287382161,"flow_dst_last_pkt_time":287418265,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":726,"flow_dst_tot_l4_payload_len":4072,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":384,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243617811,"flow_src_last_pkt_time":287381889,"flow_dst_last_pkt_time":288007245,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.64.6.175","src_port":28681,"dst_port":4743,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00738{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":378,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616362,"flow_src_last_pkt_time":287426947,"flow_dst_last_pkt_time":287785960,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":110,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.241.204.61","src_port":28681,"dst_port":43366,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":375,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243615643,"flow_src_last_pkt_time":287318910,"flow_dst_last_pkt_time":243615643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.182.136.42","src_port":28681,"dst_port":27873,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":287497328,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":271,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":287497328,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":271,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":399,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620457,"flow_src_last_pkt_time":243620457,"flow_dst_last_pkt_time":243620457,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.39.219.223","src_port":28681,"dst_port":31728,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":388,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243618881,"flow_src_last_pkt_time":287524310,"flow_dst_last_pkt_time":243618881,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"121.7.145.36","src_port":28681,"dst_port":33905,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00740{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":303,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90871417,"flow_src_last_pkt_time":251739691,"flow_dst_last_pkt_time":251762907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":170,"flow_dst_tot_l4_payload_len":1077,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":28681,"dst_port":30566,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":89829104,"flow_src_last_pkt_time":287443257,"flow_dst_last_pkt_time":174144907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":584,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":89829104,"flow_src_last_pkt_time":287443257,"flow_dst_last_pkt_time":174144907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":584,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":748,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":289962007,"flow_src_last_pkt_time":289962007,"flow_dst_last_pkt_time":289962007,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.163","src_port":28681,"dst_port":6599,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":395,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619924,"flow_src_last_pkt_time":243619924,"flow_dst_last_pkt_time":243619924,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"191.114.88.39","src_port":28681,"dst_port":18751,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":95784399,"flow_src_last_pkt_time":287465597,"flow_dst_last_pkt_time":287572441,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":2511,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":95784399,"flow_src_last_pkt_time":287465597,"flow_dst_last_pkt_time":287572441,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":2511,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":376,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243615848,"flow_src_last_pkt_time":287381383,"flow_dst_last_pkt_time":287944648,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":73,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":119,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"156.57.42.2","src_port":28681,"dst_port":33476,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90138188,"flow_src_last_pkt_time":287318627,"flow_dst_last_pkt_time":287634909,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3364,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95716693,"flow_src_last_pkt_time":287380885,"flow_dst_last_pkt_time":287440521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1755,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90138188,"flow_src_last_pkt_time":287318627,"flow_dst_last_pkt_time":287634909,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3364,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95716693,"flow_src_last_pkt_time":287380885,"flow_dst_last_pkt_time":287440521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1755,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":387,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243618625,"flow_src_last_pkt_time":243618625,"flow_dst_last_pkt_time":243618625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.135.8.7","src_port":28681,"dst_port":1219,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00740{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":302,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90864578,"flow_src_last_pkt_time":287313728,"flow_dst_last_pkt_time":287337870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":1077,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":28681,"dst_port":53489,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90039406,"flow_src_last_pkt_time":287381612,"flow_dst_last_pkt_time":287415538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":807,"flow_dst_tot_l4_payload_len":4817,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":287526703,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":271,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90039406,"flow_src_last_pkt_time":287381612,"flow_dst_last_pkt_time":287415538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":807,"flow_dst_tot_l4_payload_len":4817,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":287526703,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":271,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":380,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616746,"flow_src_last_pkt_time":287422960,"flow_dst_last_pkt_time":287697244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.86.49.195","src_port":28681,"dst_port":12019,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":383,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":243617373,"flow_src_last_pkt_time":365428420,"flow_dst_last_pkt_time":365474471,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":77,"flow_src_tot_l4_payload_len":113,"flow_dst_tot_l4_payload_len":186,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.71.243.60","src_port":28681,"dst_port":34498,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90005045,"flow_src_last_pkt_time":287553240,"flow_dst_last_pkt_time":287678696,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":807,"flow_dst_tot_l4_payload_len":4798,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90005045,"flow_src_last_pkt_time":287553240,"flow_dst_last_pkt_time":287678696,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":807,"flow_dst_tot_l4_payload_len":4798,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":390,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619335,"flow_src_last_pkt_time":243619335,"flow_dst_last_pkt_time":243619335,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"144.134.132.206","src_port":28681,"dst_port":16401,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":391,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619466,"flow_src_last_pkt_time":243619466,"flow_dst_last_pkt_time":243619466,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"161.81.38.67","src_port":28681,"dst_port":9539,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":95784128,"flow_src_last_pkt_time":287510470,"flow_dst_last_pkt_time":287857497,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":2512,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90138420,"flow_src_last_pkt_time":287441093,"flow_dst_last_pkt_time":287483363,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3345,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":95784128,"flow_src_last_pkt_time":287510470,"flow_dst_last_pkt_time":287857497,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":2512,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90138420,"flow_src_last_pkt_time":287441093,"flow_dst_last_pkt_time":287483363,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3345,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":393,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243619673,"flow_src_last_pkt_time":287426068,"flow_dst_last_pkt_time":243619673,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.115.158.103","src_port":28681,"dst_port":5110,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":382,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243617142,"flow_src_last_pkt_time":287443836,"flow_dst_last_pkt_time":287618162,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.175.11.126","src_port":28681,"dst_port":40958,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":397,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620225,"flow_src_last_pkt_time":243620225,"flow_dst_last_pkt_time":243620225,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":24634,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":379,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616544,"flow_src_last_pkt_time":287587254,"flow_dst_last_pkt_time":288106579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.140.63.147","src_port":28681,"dst_port":29545,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":396,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620034,"flow_src_last_pkt_time":243620034,"flow_dst_last_pkt_time":243620034,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.59.24","src_port":28681,"dst_port":28755,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":95716226,"flow_src_last_pkt_time":350800628,"flow_dst_last_pkt_time":350954135,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5835,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":95716226,"flow_src_last_pkt_time":350800628,"flow_dst_last_pkt_time":350954135,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":394117661,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":5882,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":757,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":399168972,"flow_src_last_pkt_time":399168972,"flow_dst_last_pkt_time":399168972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":399168972,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5882,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":757,"flow_packet_id":1,"flow_src_last_pkt_time":399168972,"flow_dst_last_pkt_time":399168972,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":399168972,"pkt":"UlQAEjUCCAAn5uVZCABFAAA854sAAIAR\/DEKAAIPaJziSHAJ0AoAKHNuYiULNAANuxoAAAAAAAAAADEBAAkAAABHVEtHCQABAAA="} -00972{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":5882,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":757,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":399168972,"flow_src_last_pkt_time":399168972,"flow_dst_last_pkt_time":399168972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":399168972,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01015{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":5882,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":757,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":399168972,"flow_src_last_pkt_time":399168972,"flow_dst_last_pkt_time":399168972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":399168972,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00531{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5889,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":757,"flow_packet_id":2,"flow_src_last_pkt_time":399168972,"flow_dst_last_pkt_time":399265426,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":82,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":82,"pkt_l4_len":48,"thread_ts_usec":399265426,"pkt":"CAAn5uVZUlQAEjUCCABFAABEDoMAAEARFTNonOJICgACD9AKcAkAMN2JYiULNAANuxpiJQs1AA5dgzEBABEAAABHVEtHCgABAABiJQs1AA5ddw=="} 00735{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":5901,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":400018839,"flow_src_last_pkt_time":400018839,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":174,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":400018839,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":50213,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00715{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5901,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_packet_id":1,"flow_src_last_pkt_time":400018839,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":216,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":216,"pkt_l4_len":182,"thread_ts_usec":400018839,"pkt":"AQBef\/\/6CAAn5uVZCABFAADK4LcAAAER3GIKAAIP7\/\/\/+sQlB2wAtikJTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANCk1BTjogInNzZHA6ZGlzY292ZXIiDQpNWDogMQ0KU1Q6IHVybjpkaWFsLW11bHRpc2NyZWVuLW9yZzpzZXJ2aWNlOmRpYWw6MQ0KVVNFUi1BR0VOVDogTWljcm9zb2Z0IEVkZ2UvOTkuMC4xMTUwLjMwIFdpbmRvd3MNCg0K"} -00874{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":5901,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":400018839,"flow_src_last_pkt_time":400018839,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":174,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":400018839,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":50213,"dst_port":1900,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"239.255.255.250:1900"}} +00917{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":5901,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":400018839,"flow_src_last_pkt_time":400018839,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":174,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":400018839,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":50213,"dst_port":1900,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"239.255.255.250:1900"}} 00733{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":5915,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":759,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":400872943,"flow_src_last_pkt_time":400872943,"flow_dst_last_pkt_time":400872943,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":400872943,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5915,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":759,"flow_packet_id":1,"flow_src_last_pkt_time":400872943,"flow_dst_last_pkt_time":400872943,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":400872943,"pkt":"UlQAEjUCCAAn5uVZCABFAAA8Bs8AAIAREesKAAIPaO6s+nAJW\/wAKKTOYiULNgAJMscAAAAAAAAAADEBAAkAAABHVEtHCQABAAA="} -00973{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":5915,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":759,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":400872943,"flow_src_last_pkt_time":400872943,"flow_dst_last_pkt_time":400872943,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":400872943,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01016{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":5915,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":759,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":400872943,"flow_src_last_pkt_time":400872943,"flow_dst_last_pkt_time":400872943,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":400872943,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00531{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5917,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":759,"flow_packet_id":2,"flow_src_last_pkt_time":400872943,"flow_dst_last_pkt_time":400901727,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":82,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":82,"pkt_l4_len":48,"thread_ts_usec":400901727,"pkt":"CAAn5uVZUlQAEjUCCABFAABEDpQAAEARSh5o7qz6CgACD1v8cAkAMAJCYiULNgAJMsdiJQs2AAlj5TEBABEAAABHVEtHCgABAABiJQs2AAljxQ=="} 00715{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5919,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_packet_id":2,"flow_src_last_pkt_time":401028587,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":216,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":216,"pkt_l4_len":182,"thread_ts_usec":401028587,"pkt":"AQBef\/\/6CAAn5uVZCABFAADK4LgAAAER3GEKAAIP7\/\/\/+sQlB2wAtikJTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANCk1BTjogInNzZHA6ZGlzY292ZXIiDQpNWDogMQ0KU1Q6IHVybjpkaWFsLW11bHRpc2NyZWVuLW9yZzpzZXJ2aWNlOmRpYWw6MQ0KVVNFUi1BR0VOVDogTWljcm9zb2Z0IEVkZ2UvOTkuMC4xMTUwLjMwIFdpbmRvd3MNCg0K"} 00715{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5928,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_packet_id":3,"flow_src_last_pkt_time":402032886,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":216,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":216,"pkt_l4_len":182,"thread_ts_usec":402032886,"pkt":"AQBef\/\/6CAAn5uVZCABFAADK4LkAAAER3GAKAAIP7\/\/\/+sQlB2wAtikJTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANCk1BTjogInNzZHA6ZGlzY292ZXIiDQpNWDogMQ0KU1Q6IHVybjpkaWFsLW11bHRpc2NyZWVuLW9yZzpzZXJ2aWNlOmRpYWw6MQ0KVVNFUi1BR0VOVDogTWljcm9zb2Z0IEVkZ2UvOTkuMC4xMTUwLjMwIFdpbmRvd3MNCg0K"} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":369,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":219447137,"flow_src_last_pkt_time":219447137,"flow_dst_last_pkt_time":219447137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.187.171.240","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":369,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":219447137,"flow_src_last_pkt_time":219447137,"flow_dst_last_pkt_time":219447137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.187.171.240","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":369,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":219447137,"flow_src_last_pkt_time":219447137,"flow_dst_last_pkt_time":219447137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.187.171.240","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":433,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743232,"flow_src_last_pkt_time":251743232,"flow_dst_last_pkt_time":251743232,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.255.145.191","src_port":28681,"dst_port":47264,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":404,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739244,"flow_src_last_pkt_time":251739244,"flow_dst_last_pkt_time":251739244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.234.216.251","src_port":28681,"dst_port":17845,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":441,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251763326,"flow_src_last_pkt_time":287316376,"flow_dst_last_pkt_time":251763326,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.199.108","src_port":28681,"dst_port":56040,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":101162745,"flow_src_last_pkt_time":287624798,"flow_dst_last_pkt_time":177309077,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":584,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":101162745,"flow_src_last_pkt_time":287624798,"flow_dst_last_pkt_time":177309077,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":584,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00738{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":450,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251765454,"flow_src_last_pkt_time":287317165,"flow_dst_last_pkt_time":287535563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.206.254","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":426,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742442,"flow_src_last_pkt_time":251742442,"flow_dst_last_pkt_time":251742442,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.71.44.121","src_port":28681,"dst_port":14398,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":411,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740552,"flow_src_last_pkt_time":251740552,"flow_dst_last_pkt_time":251740552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.143.28.64","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -4498,7 +4498,7 @@ 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":478,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251801401,"flow_src_last_pkt_time":287319958,"flow_dst_last_pkt_time":251801401,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.235.85.44","src_port":28681,"dst_port":64914,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":449,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251765085,"flow_src_last_pkt_time":287317080,"flow_dst_last_pkt_time":251765085,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":28681,"dst_port":8826,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":461,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767577,"flow_src_last_pkt_time":287318236,"flow_dst_last_pkt_time":251767577,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.27.193.124","src_port":28681,"dst_port":50555,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":2,"flow_first_seen":101837355,"flow_src_last_pkt_time":287806064,"flow_dst_last_pkt_time":289958480,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":120,"flow_src_tot_l4_payload_len":274,"flow_dst_tot_l4_payload_len":208,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":2,"flow_first_seen":101837355,"flow_src_last_pkt_time":287806064,"flow_dst_last_pkt_time":289958480,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":120,"flow_src_tot_l4_payload_len":274,"flow_dst_tot_l4_payload_len":208,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":472,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800408,"flow_src_last_pkt_time":287319339,"flow_dst_last_pkt_time":251800408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":45744,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":471,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800203,"flow_src_last_pkt_time":287319240,"flow_dst_last_pkt_time":251800203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":43457,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":481,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251802309,"flow_src_last_pkt_time":251802309,"flow_dst_last_pkt_time":251802309,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.120.219.74","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -4528,7 +4528,7 @@ 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":401,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251735839,"flow_src_last_pkt_time":251735839,"flow_dst_last_pkt_time":251735839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.178.192.76","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":484,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":253024623,"flow_src_last_pkt_time":253024623,"flow_dst_last_pkt_time":253024623,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"107.4.56.177","src_port":28681,"dst_port":10000,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":406,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739607,"flow_src_last_pkt_time":251739607,"flow_dst_last_pkt_time":251739607,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.27.3.68","src_port":28681,"dst_port":57380,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95893685,"flow_src_last_pkt_time":287318509,"flow_dst_last_pkt_time":287340787,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1668,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95893685,"flow_src_last_pkt_time":287318509,"flow_dst_last_pkt_time":287340787,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1668,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":469,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251799823,"flow_src_last_pkt_time":287319016,"flow_dst_last_pkt_time":251799823,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":47184,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":467,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":251769032,"flow_src_last_pkt_time":251769032,"flow_dst_last_pkt_time":252632878,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":327,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":327,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.64.177.53","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":431,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743039,"flow_src_last_pkt_time":251743039,"flow_dst_last_pkt_time":251743039,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.124.71.246","src_port":28681,"dst_port":49035,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -4539,7 +4539,7 @@ 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":485,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":253025155,"flow_src_last_pkt_time":373498204,"flow_dst_last_pkt_time":253025155,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.209","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":427,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742554,"flow_src_last_pkt_time":251742554,"flow_dst_last_pkt_time":251742554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.249.13.30","src_port":28681,"dst_port":15138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":405,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739411,"flow_src_last_pkt_time":251739411,"flow_dst_last_pkt_time":251739411,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.155.31.118","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95893239,"flow_src_last_pkt_time":287522940,"flow_dst_last_pkt_time":287579763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1785,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95893239,"flow_src_last_pkt_time":287522940,"flow_dst_last_pkt_time":287579763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1785,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":415,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741302,"flow_src_last_pkt_time":251741302,"flow_dst_last_pkt_time":251741302,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.247.160.96","src_port":28681,"dst_port":17817,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":458,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767115,"flow_src_last_pkt_time":287317920,"flow_dst_last_pkt_time":251767115,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.165.228.167","src_port":28681,"dst_port":12201,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":486,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":253025433,"flow_src_last_pkt_time":373494820,"flow_dst_last_pkt_time":253025433,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.68.45.203","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -4572,16 +4572,16 @@ 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":475,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800960,"flow_src_last_pkt_time":287319660,"flow_dst_last_pkt_time":251800960,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":28681,"dst_port":63978,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":473,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800608,"flow_src_last_pkt_time":287319436,"flow_dst_last_pkt_time":251800608,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":28681,"dst_port":33564,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":5953,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":442,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251763431,"flow_src_last_pkt_time":287316451,"flow_dst_last_pkt_time":251763431,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":404327550,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.204.130.55","src_port":28681,"dst_port":29545,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":371,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229238800,"flow_src_last_pkt_time":229238800,"flow_dst_last_pkt_time":229238800,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.131.202.24","src_port":28681,"dst_port":44748,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":371,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229238800,"flow_src_last_pkt_time":229238800,"flow_dst_last_pkt_time":229238800,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.131.202.24","src_port":28681,"dst_port":44748,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":371,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229238800,"flow_src_last_pkt_time":229238800,"flow_dst_last_pkt_time":229238800,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.131.202.24","src_port":28681,"dst_port":44748,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":370,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229238441,"flow_src_last_pkt_time":229238441,"flow_dst_last_pkt_time":229238441,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.56.198","src_port":28681,"dst_port":11984,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":370,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229238441,"flow_src_last_pkt_time":229238441,"flow_dst_last_pkt_time":229238441,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.56.198","src_port":28681,"dst_port":11984,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":370,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229238441,"flow_src_last_pkt_time":229238441,"flow_dst_last_pkt_time":229238441,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.56.198","src_port":28681,"dst_port":11984,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":374,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229240388,"flow_src_last_pkt_time":229240388,"flow_dst_last_pkt_time":229240388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"62.35.190.5","src_port":28681,"dst_port":18604,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":374,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229240388,"flow_src_last_pkt_time":229240388,"flow_dst_last_pkt_time":229240388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"62.35.190.5","src_port":28681,"dst_port":18604,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":374,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229240388,"flow_src_last_pkt_time":229240388,"flow_dst_last_pkt_time":229240388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"62.35.190.5","src_port":28681,"dst_port":18604,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":372,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229239365,"flow_src_last_pkt_time":229239365,"flow_dst_last_pkt_time":229239365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.179.185.126","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":372,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229239365,"flow_src_last_pkt_time":229239365,"flow_dst_last_pkt_time":229239365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.179.185.126","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":372,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229239365,"flow_src_last_pkt_time":229239365,"flow_dst_last_pkt_time":229239365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.179.185.126","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00843{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":746,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":288409044,"flow_src_last_pkt_time":288409044,"flow_dst_last_pkt_time":288409044,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"164.132.10.25","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":373,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229239821,"flow_src_last_pkt_time":229239821,"flow_dst_last_pkt_time":229239821,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.122.233.15","src_port":28681,"dst_port":11488,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00886{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":746,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":288409044,"flow_src_last_pkt_time":288409044,"flow_dst_last_pkt_time":288409044,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"164.132.10.25","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":373,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229239821,"flow_src_last_pkt_time":229239821,"flow_dst_last_pkt_time":229239821,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.122.233.15","src_port":28681,"dst_port":11488,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":373,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229239821,"flow_src_last_pkt_time":229239821,"flow_dst_last_pkt_time":229239821,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.122.233.15","src_port":28681,"dst_port":11488,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":751,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":312956911,"flow_src_last_pkt_time":373497620,"flow_dst_last_pkt_time":312956911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00739{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":335,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":115369554,"flow_src_last_pkt_time":287313555,"flow_dst_last_pkt_time":287650021,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":78,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":265,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":37058,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -4595,46 +4595,46 @@ 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":487,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264769233,"flow_src_last_pkt_time":264769233,"flow_dst_last_pkt_time":264769233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":28681,"dst_port":49046,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":491,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":264771328,"flow_src_last_pkt_time":264771328,"flow_dst_last_pkt_time":265818202,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":303,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":303,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.42.210","src_port":28681,"dst_port":5512,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6044,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":492,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264771658,"flow_src_last_pkt_time":264771658,"flow_dst_last_pkt_time":264771658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":414496769,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.94.41.71","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":398,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620353,"flow_src_last_pkt_time":243620353,"flow_dst_last_pkt_time":243620353,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"62.102.148.166","src_port":28681,"dst_port":31332,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":398,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620353,"flow_src_last_pkt_time":243620353,"flow_dst_last_pkt_time":243620353,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"62.102.148.166","src_port":28681,"dst_port":31332,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":398,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620353,"flow_src_last_pkt_time":243620353,"flow_dst_last_pkt_time":243620353,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"62.102.148.166","src_port":28681,"dst_port":31332,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":392,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619573,"flow_src_last_pkt_time":243619573,"flow_dst_last_pkt_time":243619573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.0.69.215","src_port":28681,"dst_port":12608,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":392,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619573,"flow_src_last_pkt_time":243619573,"flow_dst_last_pkt_time":243619573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.0.69.215","src_port":28681,"dst_port":12608,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":392,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619573,"flow_src_last_pkt_time":243619573,"flow_dst_last_pkt_time":243619573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.0.69.215","src_port":28681,"dst_port":12608,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":389,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619099,"flow_src_last_pkt_time":243619099,"flow_dst_last_pkt_time":243619099,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.215.183.71","src_port":28681,"dst_port":31310,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":389,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619099,"flow_src_last_pkt_time":243619099,"flow_dst_last_pkt_time":243619099,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.215.183.71","src_port":28681,"dst_port":31310,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":389,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619099,"flow_src_last_pkt_time":243619099,"flow_dst_last_pkt_time":243619099,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.215.183.71","src_port":28681,"dst_port":31310,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":385,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243618045,"flow_src_last_pkt_time":243618045,"flow_dst_last_pkt_time":243618045,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.223.143.31","src_port":28681,"dst_port":47978,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":385,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243618045,"flow_src_last_pkt_time":243618045,"flow_dst_last_pkt_time":243618045,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.223.143.31","src_port":28681,"dst_port":47978,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":385,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243618045,"flow_src_last_pkt_time":243618045,"flow_dst_last_pkt_time":243618045,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.223.143.31","src_port":28681,"dst_port":47978,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":399,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620457,"flow_src_last_pkt_time":243620457,"flow_dst_last_pkt_time":243620457,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.39.219.223","src_port":28681,"dst_port":31728,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":399,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620457,"flow_src_last_pkt_time":243620457,"flow_dst_last_pkt_time":243620457,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.39.219.223","src_port":28681,"dst_port":31728,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":399,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620457,"flow_src_last_pkt_time":243620457,"flow_dst_last_pkt_time":243620457,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.39.219.223","src_port":28681,"dst_port":31728,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":395,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619924,"flow_src_last_pkt_time":243619924,"flow_dst_last_pkt_time":243619924,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"191.114.88.39","src_port":28681,"dst_port":18751,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":395,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619924,"flow_src_last_pkt_time":243619924,"flow_dst_last_pkt_time":243619924,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"191.114.88.39","src_port":28681,"dst_port":18751,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":395,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619924,"flow_src_last_pkt_time":243619924,"flow_dst_last_pkt_time":243619924,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"191.114.88.39","src_port":28681,"dst_port":18751,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":387,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243618625,"flow_src_last_pkt_time":243618625,"flow_dst_last_pkt_time":243618625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.135.8.7","src_port":28681,"dst_port":1219,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":387,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243618625,"flow_src_last_pkt_time":243618625,"flow_dst_last_pkt_time":243618625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.135.8.7","src_port":28681,"dst_port":1219,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":387,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243618625,"flow_src_last_pkt_time":243618625,"flow_dst_last_pkt_time":243618625,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.135.8.7","src_port":28681,"dst_port":1219,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":390,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619335,"flow_src_last_pkt_time":243619335,"flow_dst_last_pkt_time":243619335,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"144.134.132.206","src_port":28681,"dst_port":16401,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":390,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619335,"flow_src_last_pkt_time":243619335,"flow_dst_last_pkt_time":243619335,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"144.134.132.206","src_port":28681,"dst_port":16401,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":390,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619335,"flow_src_last_pkt_time":243619335,"flow_dst_last_pkt_time":243619335,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"144.134.132.206","src_port":28681,"dst_port":16401,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":391,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619466,"flow_src_last_pkt_time":243619466,"flow_dst_last_pkt_time":243619466,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"161.81.38.67","src_port":28681,"dst_port":9539,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":391,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619466,"flow_src_last_pkt_time":243619466,"flow_dst_last_pkt_time":243619466,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"161.81.38.67","src_port":28681,"dst_port":9539,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":391,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243619466,"flow_src_last_pkt_time":243619466,"flow_dst_last_pkt_time":243619466,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"161.81.38.67","src_port":28681,"dst_port":9539,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":397,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620225,"flow_src_last_pkt_time":243620225,"flow_dst_last_pkt_time":243620225,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":24634,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":397,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620225,"flow_src_last_pkt_time":243620225,"flow_dst_last_pkt_time":243620225,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":24634,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":397,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620225,"flow_src_last_pkt_time":243620225,"flow_dst_last_pkt_time":243620225,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":24634,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":396,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620034,"flow_src_last_pkt_time":243620034,"flow_dst_last_pkt_time":243620034,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.59.24","src_port":28681,"dst_port":28755,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":396,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620034,"flow_src_last_pkt_time":243620034,"flow_dst_last_pkt_time":243620034,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.59.24","src_port":28681,"dst_port":28755,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":396,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":243620034,"flow_src_last_pkt_time":243620034,"flow_dst_last_pkt_time":243620034,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.59.24","src_port":28681,"dst_port":28755,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":168555545,"flow_src_last_pkt_time":287428135,"flow_dst_last_pkt_time":287464674,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":483,"flow_dst_tot_l4_payload_len":1891,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":28681,"dst_port":9915,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":168555545,"flow_src_last_pkt_time":287428135,"flow_dst_last_pkt_time":287464674,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":483,"flow_dst_tot_l4_payload_len":1891,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":28681,"dst_port":9915,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72852470,"flow_src_last_pkt_time":312957614,"flow_dst_last_pkt_time":72852470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":72850420,"flow_src_last_pkt_time":371837257,"flow_dst_last_pkt_time":72850420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.141.219.27","src_port":28681,"dst_port":37580,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":71540581,"flow_src_last_pkt_time":373498296,"flow_dst_last_pkt_time":71540581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.23.75.69","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00728{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":88,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70230940,"flow_src_last_pkt_time":311752229,"flow_dst_last_pkt_time":70230940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.50.24.2","src_port":28681,"dst_port":17874,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":124066131,"flow_src_last_pkt_time":287321260,"flow_dst_last_pkt_time":124181723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49732,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":124066131,"flow_src_last_pkt_time":287321260,"flow_dst_last_pkt_time":124181723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49732,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":71541038,"flow_src_last_pkt_time":373497746,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.100","src_port":28681,"dst_port":46385,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":124090730,"flow_src_last_pkt_time":287316477,"flow_dst_last_pkt_time":287421199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":28681,"dst_port":6778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":124090730,"flow_src_last_pkt_time":287316477,"flow_dst_last_pkt_time":287421199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":28681,"dst_port":6778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":71540885,"flow_src_last_pkt_time":371837471,"flow_dst_last_pkt_time":71540885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.120.243.143","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":98,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":2,"flow_first_seen":71536330,"flow_src_last_pkt_time":350798579,"flow_dst_last_pkt_time":351075803,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":104,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.222.14.170","src_port":28681,"dst_port":23332,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":71540138,"flow_src_last_pkt_time":371836228,"flow_dst_last_pkt_time":71540138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.65.141.157","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":116628965,"flow_src_last_pkt_time":287381237,"flow_dst_last_pkt_time":287357971,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":592,"flow_dst_tot_l4_payload_len":2531,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":116628965,"flow_src_last_pkt_time":287381237,"flow_dst_last_pkt_time":287357971,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":592,"flow_dst_tot_l4_payload_len":2531,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":72853366,"flow_src_last_pkt_time":371837958,"flow_dst_last_pkt_time":72853366,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.226.142","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":72853723,"flow_src_last_pkt_time":371837833,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.97.199.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":126,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":72849569,"flow_src_last_pkt_time":373498384,"flow_dst_last_pkt_time":72849569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.69.159.133","src_port":28681,"dst_port":28000,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":70230046,"flow_src_last_pkt_time":373497923,"flow_dst_last_pkt_time":70230046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.138.20.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":72852642,"flow_src_last_pkt_time":371837045,"flow_dst_last_pkt_time":72852642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.250.99.158","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":124090360,"flow_src_last_pkt_time":287697560,"flow_dst_last_pkt_time":287890845,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.208.26.154","src_port":28681,"dst_port":4994,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":124090360,"flow_src_last_pkt_time":287697560,"flow_dst_last_pkt_time":287890845,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.208.26.154","src_port":28681,"dst_port":4994,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":125,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72849111,"flow_src_last_pkt_time":251742741,"flow_dst_last_pkt_time":72849111,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.92.178.182","src_port":28681,"dst_port":57302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":116,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":71540796,"flow_src_last_pkt_time":371837366,"flow_dst_last_pkt_time":71540796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.44.190.145","src_port":28681,"dst_port":10170,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":72852255,"flow_src_last_pkt_time":371835925,"flow_dst_last_pkt_time":72852255,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.175.220.161","src_port":28681,"dst_port":15721,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -4642,20 +4642,20 @@ 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":130,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72851137,"flow_src_last_pkt_time":373494338,"flow_dst_last_pkt_time":72851137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.224.95.97","src_port":28681,"dst_port":46356,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":129,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":72850779,"flow_src_last_pkt_time":371838692,"flow_dst_last_pkt_time":72850779,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.138.50.179","src_port":28681,"dst_port":29411,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":755,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":371838970,"flow_src_last_pkt_time":371838970,"flow_dst_last_pkt_time":371838970,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.134.107.32","src_port":28681,"dst_port":38836,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01020{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":174303564,"flow_src_last_pkt_time":287488029,"flow_dst_last_pkt_time":287509796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":170,"flow_dst_tot_l4_payload_len":1040,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":28681,"dst_port":10825,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01063{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":174303564,"flow_src_last_pkt_time":287488029,"flow_dst_last_pkt_time":287509796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":170,"flow_dst_tot_l4_payload_len":1040,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":28681,"dst_port":10825,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72853009,"flow_src_last_pkt_time":253024867,"flow_dst_last_pkt_time":72853009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.65.70.197","src_port":28681,"dst_port":21693,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":71539473,"flow_src_last_pkt_time":371836386,"flow_dst_last_pkt_time":71539473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.169.2.153","src_port":28681,"dst_port":52414,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":72853538,"flow_src_last_pkt_time":373494490,"flow_dst_last_pkt_time":72853538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.197.111.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":756,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":373494060,"flow_src_last_pkt_time":373494060,"flow_dst_last_pkt_time":373494060,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.100.68.255","src_port":28681,"dst_port":12838,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":108,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":71539248,"flow_src_last_pkt_time":251739950,"flow_dst_last_pkt_time":71539248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.242.110","src_port":28681,"dst_port":7922,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01013{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":123912731,"flow_src_last_pkt_time":287321365,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":54130,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01056{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":123912731,"flow_src_last_pkt_time":287321365,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":54130,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71540385,"flow_src_last_pkt_time":253024371,"flow_dst_last_pkt_time":71540385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"105.101.132.146","src_port":28681,"dst_port":57746,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":70230689,"flow_src_last_pkt_time":373496286,"flow_dst_last_pkt_time":70230689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.131.85.245","src_port":28681,"dst_port":31743,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":174342792,"flow_src_last_pkt_time":287510770,"flow_dst_last_pkt_time":174648242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":114,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":28681,"dst_port":49956,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":174342792,"flow_src_last_pkt_time":287510770,"flow_dst_last_pkt_time":174648242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":114,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":28681,"dst_port":49956,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6149,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":72853189,"flow_src_last_pkt_time":373494665,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":424016885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"167.114.170.156","src_port":28681,"dst_port":23844,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00727{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":6215,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":760,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431178093,"flow_src_last_pkt_time":431178093,"flow_dst_last_pkt_time":431178093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":201,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":431178093,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00756{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6215,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":760,"flow_packet_id":1,"flow_src_last_pkt_time":431178093,"flow_dst_last_pkt_time":431178093,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":243,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":243,"pkt_l4_len":209,"thread_ts_usec":431178093,"pkt":"\/\/\/\/\/\/\/\/CAAn5uVZCABFAADlHP4AAIARA\/0KAAIPCgAC\/wCKAIoA0frqEQKcMAoAAg8AigC7AAAgRU5GREVGRUVFSEVGRkhFSkVPREJEQUNBQ0FDQUNBQ0EAIEZIRVBGQ0VMRUhGQ0VQRkZGQUNBQ0FDQUNBQ0FDQUJOAP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAAIQAAAAAAAAAAAOgDAAAAAAAAAAAhAFYAAwABAAAAAgAyAFxNQUlMU0xPVFxCUk9XU0UAAQAAUwcATVNFREdFV0lOMTAAAAAAAAoAAxAAAA8BVaoA"} -00987{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":6215,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":760,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431178093,"flow_src_last_pkt_time":431178093,"flow_dst_last_pkt_time":431178093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":201,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":431178093,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","encrypted":0,"breed":"Dangerous","category_id":18,"category":"System","hostname":"msedgewin10"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":6215,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":760,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431178093,"flow_src_last_pkt_time":431178093,"flow_dst_last_pkt_time":431178093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":201,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":431178093,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Dangerous","category_id":18,"category":"System","hostname":"msedgewin10"}} 00731{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":6223,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":761,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431829260,"flow_src_last_pkt_time":431829260,"flow_dst_last_pkt_time":431829260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":431829260,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.132.75.56","src_port":28681,"dst_port":56009,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6223,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":761,"flow_packet_id":1,"flow_src_last_pkt_time":431829260,"flow_dst_last_pkt_time":431829260,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":431829260,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0QZQAAIAR3lkKAAIPw4RLOHAJ2skAIDh8R05EEEAkAQFUC1FLUlAGUk5BXS\/iNQlw"} 00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6230,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":751,"flow_packet_id":3,"flow_src_last_pkt_time":431830157,"flow_dst_last_pkt_time":312956911,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":431830157,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0mm4AAIARSEcKAAIPQ8EINHAJlrgAID9OR05EEEArAQFUC1FLUlAGUk5BXS\/iNQlw"} @@ -4668,115 +4668,115 @@ 00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6270,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":764,"flow_packet_id":1,"flow_src_last_pkt_time":433136175,"flow_dst_last_pkt_time":433136175,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":433136175,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0dXUAAIARfkEKAAIP0Fxql3AJftwAIGgXR05EEEA\/AQFUC1FLUlAGUk5BXS\/iNQlw"} 00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6274,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":756,"flow_packet_id":2,"flow_src_last_pkt_time":433136748,"flow_dst_last_pkt_time":373494060,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":433136748,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0M5gAAIARjK8KAAIPKWRE\/3AJMiYAIIFaR05EEEBDAQFUC1FLUlAGUk5BXS\/iNQlw"} 00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6278,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":752,"flow_packet_id":3,"flow_src_last_pkt_time":433137328,"flow_dst_last_pkt_time":312957456,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":433137328,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0D1IAAIARtkwKAAIPjnPamHAJFwwAIKHHR05EEEBHAQFUC1FLUlAGUk5BXS\/iNQlw"} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":433,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743232,"flow_src_last_pkt_time":251743232,"flow_dst_last_pkt_time":251743232,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.255.145.191","src_port":28681,"dst_port":47264,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":433,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743232,"flow_src_last_pkt_time":251743232,"flow_dst_last_pkt_time":251743232,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.255.145.191","src_port":28681,"dst_port":47264,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":433,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743232,"flow_src_last_pkt_time":251743232,"flow_dst_last_pkt_time":251743232,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.255.145.191","src_port":28681,"dst_port":47264,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":404,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739244,"flow_src_last_pkt_time":251739244,"flow_dst_last_pkt_time":251739244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.234.216.251","src_port":28681,"dst_port":17845,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":404,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739244,"flow_src_last_pkt_time":251739244,"flow_dst_last_pkt_time":251739244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.234.216.251","src_port":28681,"dst_port":17845,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":404,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739244,"flow_src_last_pkt_time":251739244,"flow_dst_last_pkt_time":251739244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.234.216.251","src_port":28681,"dst_port":17845,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":426,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742442,"flow_src_last_pkt_time":251742442,"flow_dst_last_pkt_time":251742442,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.71.44.121","src_port":28681,"dst_port":14398,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":426,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742442,"flow_src_last_pkt_time":251742442,"flow_dst_last_pkt_time":251742442,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.71.44.121","src_port":28681,"dst_port":14398,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":426,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742442,"flow_src_last_pkt_time":251742442,"flow_dst_last_pkt_time":251742442,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.71.44.121","src_port":28681,"dst_port":14398,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":411,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740552,"flow_src_last_pkt_time":251740552,"flow_dst_last_pkt_time":251740552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.143.28.64","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":411,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740552,"flow_src_last_pkt_time":251740552,"flow_dst_last_pkt_time":251740552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.143.28.64","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":411,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740552,"flow_src_last_pkt_time":251740552,"flow_dst_last_pkt_time":251740552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.143.28.64","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":408,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740138,"flow_src_last_pkt_time":251740138,"flow_dst_last_pkt_time":251740138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.103.2.245","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":408,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740138,"flow_src_last_pkt_time":251740138,"flow_dst_last_pkt_time":251740138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.103.2.245","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":408,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740138,"flow_src_last_pkt_time":251740138,"flow_dst_last_pkt_time":251740138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.103.2.245","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":424,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742217,"flow_src_last_pkt_time":251742217,"flow_dst_last_pkt_time":251742217,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.15.216.216","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":424,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742217,"flow_src_last_pkt_time":251742217,"flow_dst_last_pkt_time":251742217,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.15.216.216","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":424,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742217,"flow_src_last_pkt_time":251742217,"flow_dst_last_pkt_time":251742217,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.15.216.216","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":422,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742020,"flow_src_last_pkt_time":251742020,"flow_dst_last_pkt_time":251742020,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.123.35.219","src_port":28681,"dst_port":42211,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":422,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742020,"flow_src_last_pkt_time":251742020,"flow_dst_last_pkt_time":251742020,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.123.35.219","src_port":28681,"dst_port":42211,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":422,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742020,"flow_src_last_pkt_time":251742020,"flow_dst_last_pkt_time":251742020,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.123.35.219","src_port":28681,"dst_port":42211,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":439,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743840,"flow_src_last_pkt_time":251743840,"flow_dst_last_pkt_time":251743840,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.135.15.86","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":439,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743840,"flow_src_last_pkt_time":251743840,"flow_dst_last_pkt_time":251743840,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.135.15.86","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":439,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743840,"flow_src_last_pkt_time":251743840,"flow_dst_last_pkt_time":251743840,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.135.15.86","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":481,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251802309,"flow_src_last_pkt_time":251802309,"flow_dst_last_pkt_time":251802309,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.120.219.74","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":481,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251802309,"flow_src_last_pkt_time":251802309,"flow_dst_last_pkt_time":251802309,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.120.219.74","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":481,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251802309,"flow_src_last_pkt_time":251802309,"flow_dst_last_pkt_time":251802309,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.120.219.74","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":435,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743428,"flow_src_last_pkt_time":251743428,"flow_dst_last_pkt_time":251743428,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.24.146.101","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":435,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743428,"flow_src_last_pkt_time":251743428,"flow_dst_last_pkt_time":251743428,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.24.146.101","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":435,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743428,"flow_src_last_pkt_time":251743428,"flow_dst_last_pkt_time":251743428,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.24.146.101","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":465,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251768679,"flow_src_last_pkt_time":251768679,"flow_dst_last_pkt_time":251768679,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"2.28.39.18","src_port":28681,"dst_port":15672,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":465,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251768679,"flow_src_last_pkt_time":251768679,"flow_dst_last_pkt_time":251768679,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"2.28.39.18","src_port":28681,"dst_port":15672,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":465,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251768679,"flow_src_last_pkt_time":251768679,"flow_dst_last_pkt_time":251768679,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"2.28.39.18","src_port":28681,"dst_port":15672,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":306,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":93714209,"flow_src_last_pkt_time":253026052,"flow_dst_last_pkt_time":93714209,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.249.63.200","src_port":28681,"dst_port":22582,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":306,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":93714209,"flow_src_last_pkt_time":253026052,"flow_dst_last_pkt_time":93714209,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.249.63.200","src_port":28681,"dst_port":22582,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":306,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":93714209,"flow_src_last_pkt_time":253026052,"flow_dst_last_pkt_time":93714209,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.249.63.200","src_port":28681,"dst_port":22582,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00780{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":421,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":251741922,"flow_src_last_pkt_time":251741922,"flow_dst_last_pkt_time":253031457,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":319,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":319,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.182.39.11","src_port":28681,"dst_port":12977,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00823{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":421,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":251741922,"flow_src_last_pkt_time":251741922,"flow_dst_last_pkt_time":253031457,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":319,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":319,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.182.39.11","src_port":28681,"dst_port":12977,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00736{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":421,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":251741922,"flow_src_last_pkt_time":251741922,"flow_dst_last_pkt_time":253031457,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":319,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":319,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.182.39.11","src_port":28681,"dst_port":12977,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":416,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741399,"flow_src_last_pkt_time":251741399,"flow_dst_last_pkt_time":251741399,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.139.61.103","src_port":28681,"dst_port":24096,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":416,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741399,"flow_src_last_pkt_time":251741399,"flow_dst_last_pkt_time":251741399,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.139.61.103","src_port":28681,"dst_port":24096,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":416,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741399,"flow_src_last_pkt_time":251741399,"flow_dst_last_pkt_time":251741399,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.139.61.103","src_port":28681,"dst_port":24096,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00783{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":304,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90880863,"flow_src_last_pkt_time":251768782,"flow_dst_last_pkt_time":251799257,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":755,"flow_dst_tot_l4_payload_len":4350,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.32.126.214","src_port":28681,"dst_port":59596,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00826{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":304,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90880863,"flow_src_last_pkt_time":251768782,"flow_dst_last_pkt_time":251799257,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":755,"flow_dst_tot_l4_payload_len":4350,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.32.126.214","src_port":28681,"dst_port":59596,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00739{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":304,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90880863,"flow_src_last_pkt_time":251768782,"flow_dst_last_pkt_time":251799257,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":755,"flow_dst_tot_l4_payload_len":4350,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.32.126.214","src_port":28681,"dst_port":59596,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":413,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741037,"flow_src_last_pkt_time":251741037,"flow_dst_last_pkt_time":251741037,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.65.188.29","src_port":28681,"dst_port":24676,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":413,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741037,"flow_src_last_pkt_time":251741037,"flow_dst_last_pkt_time":251741037,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.65.188.29","src_port":28681,"dst_port":24676,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":413,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741037,"flow_src_last_pkt_time":251741037,"flow_dst_last_pkt_time":251741037,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.65.188.29","src_port":28681,"dst_port":24676,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":412,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740694,"flow_src_last_pkt_time":251740694,"flow_dst_last_pkt_time":251740694,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.177.52.73","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":412,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740694,"flow_src_last_pkt_time":251740694,"flow_dst_last_pkt_time":251740694,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.177.52.73","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":412,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740694,"flow_src_last_pkt_time":251740694,"flow_dst_last_pkt_time":251740694,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.177.52.73","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":418,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741613,"flow_src_last_pkt_time":251741613,"flow_dst_last_pkt_time":251741613,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.129.149.103","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":418,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741613,"flow_src_last_pkt_time":251741613,"flow_dst_last_pkt_time":251741613,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.129.149.103","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":418,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741613,"flow_src_last_pkt_time":251741613,"flow_dst_last_pkt_time":251741613,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.129.149.103","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":468,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251769188,"flow_src_last_pkt_time":251769188,"flow_dst_last_pkt_time":251769188,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.214.12.247","src_port":28681,"dst_port":44001,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":468,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251769188,"flow_src_last_pkt_time":251769188,"flow_dst_last_pkt_time":251769188,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.214.12.247","src_port":28681,"dst_port":44001,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":468,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251769188,"flow_src_last_pkt_time":251769188,"flow_dst_last_pkt_time":251769188,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.214.12.247","src_port":28681,"dst_port":44001,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":466,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251768912,"flow_src_last_pkt_time":251768912,"flow_dst_last_pkt_time":251768912,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"70.119.248.5","src_port":28681,"dst_port":49929,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":466,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251768912,"flow_src_last_pkt_time":251768912,"flow_dst_last_pkt_time":251768912,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"70.119.248.5","src_port":28681,"dst_port":49929,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":466,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251768912,"flow_src_last_pkt_time":251768912,"flow_dst_last_pkt_time":251768912,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"70.119.248.5","src_port":28681,"dst_port":49929,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":428,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742656,"flow_src_last_pkt_time":251742656,"flow_dst_last_pkt_time":251742656,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.162.97.8","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":428,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742656,"flow_src_last_pkt_time":251742656,"flow_dst_last_pkt_time":251742656,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.162.97.8","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":428,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742656,"flow_src_last_pkt_time":251742656,"flow_dst_last_pkt_time":251742656,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.162.97.8","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":425,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742343,"flow_src_last_pkt_time":251742343,"flow_dst_last_pkt_time":251742343,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"145.82.53.165","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":425,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742343,"flow_src_last_pkt_time":251742343,"flow_dst_last_pkt_time":251742343,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"145.82.53.165","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":425,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742343,"flow_src_last_pkt_time":251742343,"flow_dst_last_pkt_time":251742343,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"145.82.53.165","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":401,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251735839,"flow_src_last_pkt_time":251735839,"flow_dst_last_pkt_time":251735839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.178.192.76","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":401,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251735839,"flow_src_last_pkt_time":251735839,"flow_dst_last_pkt_time":251735839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.178.192.76","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":401,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251735839,"flow_src_last_pkt_time":251735839,"flow_dst_last_pkt_time":251735839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.178.192.76","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00845{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":484,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":253024623,"flow_src_last_pkt_time":253024623,"flow_dst_last_pkt_time":253024623,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"107.4.56.177","src_port":28681,"dst_port":10000,"l4_proto":"udp","ndpi": {"confidence": {"1":"Match by port"},"proto":"CiscoVPN","proto_id":"161","encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN"}} +00888{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":484,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":253024623,"flow_src_last_pkt_time":253024623,"flow_dst_last_pkt_time":253024623,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"107.4.56.177","src_port":28681,"dst_port":10000,"l4_proto":"udp","ndpi": {"confidence": {"1":"Match by port"},"proto":"CiscoVPN","proto_id":"161","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":484,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":253024623,"flow_src_last_pkt_time":253024623,"flow_dst_last_pkt_time":253024623,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"107.4.56.177","src_port":28681,"dst_port":10000,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":406,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739607,"flow_src_last_pkt_time":251739607,"flow_dst_last_pkt_time":251739607,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.27.3.68","src_port":28681,"dst_port":57380,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":406,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739607,"flow_src_last_pkt_time":251739607,"flow_dst_last_pkt_time":251739607,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.27.3.68","src_port":28681,"dst_port":57380,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":406,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739607,"flow_src_last_pkt_time":251739607,"flow_dst_last_pkt_time":251739607,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.27.3.68","src_port":28681,"dst_port":57380,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":467,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":251769032,"flow_src_last_pkt_time":251769032,"flow_dst_last_pkt_time":252632878,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":327,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":327,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.64.177.53","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":467,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":251769032,"flow_src_last_pkt_time":251769032,"flow_dst_last_pkt_time":252632878,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":327,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":327,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.64.177.53","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":467,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":251769032,"flow_src_last_pkt_time":251769032,"flow_dst_last_pkt_time":252632878,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":327,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":327,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.64.177.53","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":431,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743039,"flow_src_last_pkt_time":251743039,"flow_dst_last_pkt_time":251743039,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.124.71.246","src_port":28681,"dst_port":49035,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":431,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743039,"flow_src_last_pkt_time":251743039,"flow_dst_last_pkt_time":251743039,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.124.71.246","src_port":28681,"dst_port":49035,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":431,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743039,"flow_src_last_pkt_time":251743039,"flow_dst_last_pkt_time":251743039,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.124.71.246","src_port":28681,"dst_port":49035,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00782{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":303,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90871417,"flow_src_last_pkt_time":251739691,"flow_dst_last_pkt_time":251762907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":170,"flow_dst_tot_l4_payload_len":1077,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":28681,"dst_port":30566,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00825{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":303,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90871417,"flow_src_last_pkt_time":251739691,"flow_dst_last_pkt_time":251762907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":170,"flow_dst_tot_l4_payload_len":1077,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":28681,"dst_port":30566,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00738{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":303,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90871417,"flow_src_last_pkt_time":251739691,"flow_dst_last_pkt_time":251762907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":170,"flow_dst_tot_l4_payload_len":1077,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":28681,"dst_port":30566,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":483,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251946178,"flow_src_last_pkt_time":251946178,"flow_dst_last_pkt_time":251946178,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":45,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":45,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":45,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","src_port":1026,"dst_port":28681,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":483,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251946178,"flow_src_last_pkt_time":251946178,"flow_dst_last_pkt_time":251946178,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":45,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":45,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":45,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","src_port":1026,"dst_port":28681,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":483,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251946178,"flow_src_last_pkt_time":251946178,"flow_dst_last_pkt_time":251946178,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":45,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":45,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":45,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","src_port":1026,"dst_port":28681,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":402,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251738882,"flow_src_last_pkt_time":251738882,"flow_dst_last_pkt_time":251738882,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.219.202.2","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":402,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251738882,"flow_src_last_pkt_time":251738882,"flow_dst_last_pkt_time":251738882,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.219.202.2","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":402,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251738882,"flow_src_last_pkt_time":251738882,"flow_dst_last_pkt_time":251738882,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.219.202.2","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":420,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741806,"flow_src_last_pkt_time":251741806,"flow_dst_last_pkt_time":251741806,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.227.127.34","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":420,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741806,"flow_src_last_pkt_time":251741806,"flow_dst_last_pkt_time":251741806,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.227.127.34","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":420,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741806,"flow_src_last_pkt_time":251741806,"flow_dst_last_pkt_time":251741806,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.227.127.34","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":417,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741506,"flow_src_last_pkt_time":251741506,"flow_dst_last_pkt_time":251741506,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.187.236.179","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":417,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741506,"flow_src_last_pkt_time":251741506,"flow_dst_last_pkt_time":251741506,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.187.236.179","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":417,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741506,"flow_src_last_pkt_time":251741506,"flow_dst_last_pkt_time":251741506,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.187.236.179","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":125,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72849111,"flow_src_last_pkt_time":251742741,"flow_dst_last_pkt_time":72849111,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.92.178.182","src_port":28681,"dst_port":57302,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":125,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72849111,"flow_src_last_pkt_time":251742741,"flow_dst_last_pkt_time":72849111,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.92.178.182","src_port":28681,"dst_port":57302,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":125,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":72849111,"flow_src_last_pkt_time":251742741,"flow_dst_last_pkt_time":72849111,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.92.178.182","src_port":28681,"dst_port":57302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":427,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742554,"flow_src_last_pkt_time":251742554,"flow_dst_last_pkt_time":251742554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.249.13.30","src_port":28681,"dst_port":15138,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":427,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742554,"flow_src_last_pkt_time":251742554,"flow_dst_last_pkt_time":251742554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.249.13.30","src_port":28681,"dst_port":15138,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":427,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742554,"flow_src_last_pkt_time":251742554,"flow_dst_last_pkt_time":251742554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.249.13.30","src_port":28681,"dst_port":15138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":405,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739411,"flow_src_last_pkt_time":251739411,"flow_dst_last_pkt_time":251739411,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.155.31.118","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":405,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739411,"flow_src_last_pkt_time":251739411,"flow_dst_last_pkt_time":251739411,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.155.31.118","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":405,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739411,"flow_src_last_pkt_time":251739411,"flow_dst_last_pkt_time":251739411,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.155.31.118","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":83518597,"flow_src_last_pkt_time":253026184,"flow_dst_last_pkt_time":83518597,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.37","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":83518597,"flow_src_last_pkt_time":253026184,"flow_dst_last_pkt_time":83518597,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.37","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":83518597,"flow_src_last_pkt_time":253026184,"flow_dst_last_pkt_time":83518597,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.37","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":415,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741302,"flow_src_last_pkt_time":251741302,"flow_dst_last_pkt_time":251741302,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.247.160.96","src_port":28681,"dst_port":17817,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":415,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741302,"flow_src_last_pkt_time":251741302,"flow_dst_last_pkt_time":251741302,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.247.160.96","src_port":28681,"dst_port":17817,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":415,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741302,"flow_src_last_pkt_time":251741302,"flow_dst_last_pkt_time":251741302,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.247.160.96","src_port":28681,"dst_port":17817,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":410,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740418,"flow_src_last_pkt_time":251740418,"flow_dst_last_pkt_time":251740418,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.28.130.131","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":410,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740418,"flow_src_last_pkt_time":251740418,"flow_dst_last_pkt_time":251740418,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.28.130.131","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":410,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740418,"flow_src_last_pkt_time":251740418,"flow_dst_last_pkt_time":251740418,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.28.130.131","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":423,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":251742117,"flow_src_last_pkt_time":251742117,"flow_dst_last_pkt_time":252853049,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":322,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":322,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.247.6.226","src_port":28681,"dst_port":9713,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":423,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":251742117,"flow_src_last_pkt_time":251742117,"flow_dst_last_pkt_time":252853049,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":322,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":322,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.247.6.226","src_port":28681,"dst_port":9713,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":423,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":251742117,"flow_src_last_pkt_time":251742117,"flow_dst_last_pkt_time":252853049,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":322,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":322,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.247.6.226","src_port":28681,"dst_port":9713,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":438,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743729,"flow_src_last_pkt_time":251743729,"flow_dst_last_pkt_time":251743729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.86.190.163","src_port":28681,"dst_port":14142,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":438,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743729,"flow_src_last_pkt_time":251743729,"flow_dst_last_pkt_time":251743729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.86.190.163","src_port":28681,"dst_port":14142,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":438,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743729,"flow_src_last_pkt_time":251743729,"flow_dst_last_pkt_time":251743729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.86.190.163","src_port":28681,"dst_port":14142,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":403,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739069,"flow_src_last_pkt_time":251739069,"flow_dst_last_pkt_time":251739069,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"197.244.171.132","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":403,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739069,"flow_src_last_pkt_time":251739069,"flow_dst_last_pkt_time":251739069,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"197.244.171.132","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":403,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739069,"flow_src_last_pkt_time":251739069,"flow_dst_last_pkt_time":251739069,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"197.244.171.132","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":429,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742837,"flow_src_last_pkt_time":251742837,"flow_dst_last_pkt_time":251742837,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.215.213","src_port":28681,"dst_port":23576,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":429,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742837,"flow_src_last_pkt_time":251742837,"flow_dst_last_pkt_time":251742837,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.215.213","src_port":28681,"dst_port":23576,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":429,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742837,"flow_src_last_pkt_time":251742837,"flow_dst_last_pkt_time":251742837,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.215.213","src_port":28681,"dst_port":23576,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":436,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743527,"flow_src_last_pkt_time":251743527,"flow_dst_last_pkt_time":251743527,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.68.179.137","src_port":28681,"dst_port":6406,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":436,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743527,"flow_src_last_pkt_time":251743527,"flow_dst_last_pkt_time":251743527,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.68.179.137","src_port":28681,"dst_port":6406,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":436,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743527,"flow_src_last_pkt_time":251743527,"flow_dst_last_pkt_time":251743527,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.68.179.137","src_port":28681,"dst_port":6406,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00781{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":414,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":251741183,"flow_src_last_pkt_time":251741183,"flow_dst_last_pkt_time":252054388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":309,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":309,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.181.156.244","src_port":28681,"dst_port":8255,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00824{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":414,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":251741183,"flow_src_last_pkt_time":251741183,"flow_dst_last_pkt_time":252054388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":309,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":309,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.181.156.244","src_port":28681,"dst_port":8255,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00737{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":414,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":251741183,"flow_src_last_pkt_time":251741183,"flow_dst_last_pkt_time":252054388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":309,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":309,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.181.156.244","src_port":28681,"dst_port":8255,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":409,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740269,"flow_src_last_pkt_time":251740269,"flow_dst_last_pkt_time":251740269,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.194.53.68","src_port":28681,"dst_port":33770,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":409,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740269,"flow_src_last_pkt_time":251740269,"flow_dst_last_pkt_time":251740269,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.194.53.68","src_port":28681,"dst_port":33770,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":409,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740269,"flow_src_last_pkt_time":251740269,"flow_dst_last_pkt_time":251740269,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.194.53.68","src_port":28681,"dst_port":33770,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":482,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251802485,"flow_src_last_pkt_time":251802485,"flow_dst_last_pkt_time":251802485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.193.23.172","src_port":28681,"dst_port":42227,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":482,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251802485,"flow_src_last_pkt_time":251802485,"flow_dst_last_pkt_time":251802485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.193.23.172","src_port":28681,"dst_port":42227,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":482,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251802485,"flow_src_last_pkt_time":251802485,"flow_dst_last_pkt_time":251802485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.193.23.172","src_port":28681,"dst_port":42227,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":108,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":71539248,"flow_src_last_pkt_time":251739950,"flow_dst_last_pkt_time":71539248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.242.110","src_port":28681,"dst_port":7922,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":108,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":71539248,"flow_src_last_pkt_time":251739950,"flow_dst_last_pkt_time":71539248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.242.110","src_port":28681,"dst_port":7922,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":108,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":71539248,"flow_src_last_pkt_time":251739950,"flow_dst_last_pkt_time":71539248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.242.110","src_port":28681,"dst_port":7922,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":407,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739830,"flow_src_last_pkt_time":251739830,"flow_dst_last_pkt_time":251739830,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.181.151.217","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":407,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739830,"flow_src_last_pkt_time":251739830,"flow_dst_last_pkt_time":251739830,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.181.151.217","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":407,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739830,"flow_src_last_pkt_time":251739830,"flow_dst_last_pkt_time":251739830,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.181.151.217","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":440,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743945,"flow_src_last_pkt_time":251743945,"flow_dst_last_pkt_time":251743945,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.165.170.112","src_port":28681,"dst_port":37087,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":440,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743945,"flow_src_last_pkt_time":251743945,"flow_dst_last_pkt_time":251743945,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.165.170.112","src_port":28681,"dst_port":37087,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":440,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743945,"flow_src_last_pkt_time":251743945,"flow_dst_last_pkt_time":251743945,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.165.170.112","src_port":28681,"dst_port":37087,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":437,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743626,"flow_src_last_pkt_time":251743626,"flow_dst_last_pkt_time":251743626,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"31.38.163.2","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":437,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743626,"flow_src_last_pkt_time":251743626,"flow_dst_last_pkt_time":251743626,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"31.38.163.2","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":437,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743626,"flow_src_last_pkt_time":251743626,"flow_dst_last_pkt_time":251743626,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"31.38.163.2","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71540385,"flow_src_last_pkt_time":253024371,"flow_dst_last_pkt_time":71540385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"105.101.132.146","src_port":28681,"dst_port":57746,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71540385,"flow_src_last_pkt_time":253024371,"flow_dst_last_pkt_time":71540385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"105.101.132.146","src_port":28681,"dst_port":57746,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71540385,"flow_src_last_pkt_time":253024371,"flow_dst_last_pkt_time":71540385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"105.101.132.146","src_port":28681,"dst_port":57746,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":419,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741711,"flow_src_last_pkt_time":251741711,"flow_dst_last_pkt_time":251741711,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.193.236.8","src_port":28681,"dst_port":46557,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":419,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741711,"flow_src_last_pkt_time":251741711,"flow_dst_last_pkt_time":251741711,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.193.236.8","src_port":28681,"dst_port":46557,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":419,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741711,"flow_src_last_pkt_time":251741711,"flow_dst_last_pkt_time":251741711,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.193.236.8","src_port":28681,"dst_port":46557,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":432,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743139,"flow_src_last_pkt_time":251743139,"flow_dst_last_pkt_time":251743139,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.6.118.53","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":432,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743139,"flow_src_last_pkt_time":251743139,"flow_dst_last_pkt_time":251743139,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.6.118.53","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":432,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743139,"flow_src_last_pkt_time":251743139,"flow_dst_last_pkt_time":251743139,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.6.118.53","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00781{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":434,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":251743326,"flow_src_last_pkt_time":251743326,"flow_dst_last_pkt_time":252481655,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":304,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":304,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.24.182.130","src_port":28681,"dst_port":22232,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00824{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":434,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":251743326,"flow_src_last_pkt_time":251743326,"flow_dst_last_pkt_time":252481655,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":304,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":304,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.24.182.130","src_port":28681,"dst_port":22232,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00737{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":434,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":251743326,"flow_src_last_pkt_time":251743326,"flow_dst_last_pkt_time":252481655,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":304,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":304,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.24.182.130","src_port":28681,"dst_port":22232,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":430,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742935,"flow_src_last_pkt_time":251742935,"flow_dst_last_pkt_time":251742935,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.8.95.165","src_port":28681,"dst_port":40763,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":430,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742935,"flow_src_last_pkt_time":251742935,"flow_dst_last_pkt_time":251742935,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.8.95.165","src_port":28681,"dst_port":40763,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":430,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742935,"flow_src_last_pkt_time":251742935,"flow_dst_last_pkt_time":251742935,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.8.95.165","src_port":28681,"dst_port":40763,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":577,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287425184,"flow_src_last_pkt_time":287425184,"flow_dst_last_pkt_time":287425184,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.148.100.237","src_port":28681,"dst_port":23459,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":586,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287428629,"flow_src_last_pkt_time":287428629,"flow_dst_last_pkt_time":287428629,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.124.66.33","src_port":28681,"dst_port":13060,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -4797,7 +4797,7 @@ 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82059658,"flow_src_last_pkt_time":433137196,"flow_dst_last_pkt_time":82059658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.59.253.186","src_port":28681,"dst_port":15555,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":183,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82062320,"flow_src_last_pkt_time":431831496,"flow_dst_last_pkt_time":82062320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.15.182","src_port":28681,"dst_port":37829,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":184,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82062444,"flow_src_last_pkt_time":431829784,"flow_dst_last_pkt_time":82062444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.239.62.213","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00881{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":493,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":280014541,"flow_src_last_pkt_time":283055110,"flow_dst_last_pkt_time":280014541,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57552,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00924{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":493,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":280014541,"flow_src_last_pkt_time":283055110,"flow_dst_last_pkt_time":280014541,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57552,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":603,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287442897,"flow_src_last_pkt_time":287442897,"flow_dst_last_pkt_time":287442897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.36.249.91","src_port":28681,"dst_port":64577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":622,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287485837,"flow_src_last_pkt_time":287485837,"flow_dst_last_pkt_time":287485837,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":28681,"dst_port":3227,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":647,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287511462,"flow_src_last_pkt_time":287511462,"flow_dst_last_pkt_time":287511462,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.10.152","src_port":28681,"dst_port":21293,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -5057,52 +5057,52 @@ 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6288,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":694,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287625031,"flow_src_last_pkt_time":287625031,"flow_dst_last_pkt_time":287625031,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":434149885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.215.130.156","src_port":28681,"dst_port":12405,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":377,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243616097,"flow_src_last_pkt_time":287511110,"flow_dst_last_pkt_time":243616097,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"180.200.236.13","src_port":28681,"dst_port":12082,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":394,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243619784,"flow_src_last_pkt_time":287427833,"flow_dst_last_pkt_time":287621392,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.84.134.136","src_port":28681,"dst_port":21407,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":90005361,"flow_src_last_pkt_time":287321463,"flow_dst_last_pkt_time":287355218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":726,"flow_dst_tot_l4_payload_len":4067,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":90005361,"flow_src_last_pkt_time":287321463,"flow_dst_last_pkt_time":287355218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":726,"flow_dst_tot_l4_payload_len":4067,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":381,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616903,"flow_src_last_pkt_time":287526058,"flow_dst_last_pkt_time":287598509,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.58.211.52","src_port":28681,"dst_port":3806,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":386,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243618410,"flow_src_last_pkt_time":287682903,"flow_dst_last_pkt_time":243618410,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.172.10.90","src_port":28681,"dst_port":40162,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90184128,"flow_src_last_pkt_time":287700104,"flow_dst_last_pkt_time":288014846,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3215,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90184128,"flow_src_last_pkt_time":287700104,"flow_dst_last_pkt_time":288014846,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3215,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":747,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":289961626,"flow_src_last_pkt_time":289961626,"flow_dst_last_pkt_time":290166113,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90073006,"flow_src_last_pkt_time":287483764,"flow_dst_last_pkt_time":287523854,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3207,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01020{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":8,"flow_first_seen":90072798,"flow_src_last_pkt_time":320293489,"flow_dst_last_pkt_time":287667256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":779,"flow_dst_tot_l4_payload_len":4554,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":89966706,"flow_src_last_pkt_time":287382161,"flow_dst_last_pkt_time":287418265,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":726,"flow_dst_tot_l4_payload_len":4072,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90073006,"flow_src_last_pkt_time":287483764,"flow_dst_last_pkt_time":287523854,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3207,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01063{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":8,"flow_first_seen":90072798,"flow_src_last_pkt_time":320293489,"flow_dst_last_pkt_time":287667256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":779,"flow_dst_tot_l4_payload_len":4554,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":89966706,"flow_src_last_pkt_time":287382161,"flow_dst_last_pkt_time":287418265,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":726,"flow_dst_tot_l4_payload_len":4072,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":384,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243617811,"flow_src_last_pkt_time":287381889,"flow_dst_last_pkt_time":288007245,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.64.6.175","src_port":28681,"dst_port":4743,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00738{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":378,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616362,"flow_src_last_pkt_time":287426947,"flow_dst_last_pkt_time":287785960,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":110,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.241.204.61","src_port":28681,"dst_port":43366,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":375,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243615643,"flow_src_last_pkt_time":287318910,"flow_dst_last_pkt_time":243615643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.182.136.42","src_port":28681,"dst_port":27873,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01012{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":287497328,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":271,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01055{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":287497328,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":271,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":388,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243618881,"flow_src_last_pkt_time":287524310,"flow_dst_last_pkt_time":243618881,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"121.7.145.36","src_port":28681,"dst_port":33905,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":89829104,"flow_src_last_pkt_time":287443257,"flow_dst_last_pkt_time":174144907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":584,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":89829104,"flow_src_last_pkt_time":287443257,"flow_dst_last_pkt_time":174144907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":584,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":748,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":289962007,"flow_src_last_pkt_time":289962007,"flow_dst_last_pkt_time":289962007,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.163","src_port":28681,"dst_port":6599,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":95784399,"flow_src_last_pkt_time":287465597,"flow_dst_last_pkt_time":287572441,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":2511,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":95784399,"flow_src_last_pkt_time":287465597,"flow_dst_last_pkt_time":287572441,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":2511,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":376,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243615848,"flow_src_last_pkt_time":287381383,"flow_dst_last_pkt_time":287944648,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":73,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":119,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"156.57.42.2","src_port":28681,"dst_port":33476,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90138188,"flow_src_last_pkt_time":287318627,"flow_dst_last_pkt_time":287634909,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3364,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":757,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":399168972,"flow_src_last_pkt_time":399168972,"flow_dst_last_pkt_time":399265426,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":40,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":40,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95716693,"flow_src_last_pkt_time":287380885,"flow_dst_last_pkt_time":287440521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1755,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90138188,"flow_src_last_pkt_time":287318627,"flow_dst_last_pkt_time":287634909,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3364,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":757,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":399168972,"flow_src_last_pkt_time":399168972,"flow_dst_last_pkt_time":399265426,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":40,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":40,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95716693,"flow_src_last_pkt_time":287380885,"flow_dst_last_pkt_time":287440521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1755,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00740{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":302,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90864578,"flow_src_last_pkt_time":287313728,"flow_dst_last_pkt_time":287337870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":1077,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":28681,"dst_port":53489,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90039406,"flow_src_last_pkt_time":287381612,"flow_dst_last_pkt_time":287415538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":807,"flow_dst_tot_l4_payload_len":4817,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01011{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":287526703,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":271,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90039406,"flow_src_last_pkt_time":287381612,"flow_dst_last_pkt_time":287415538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":807,"flow_dst_tot_l4_payload_len":4817,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":287526703,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":271,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":380,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616746,"flow_src_last_pkt_time":287422960,"flow_dst_last_pkt_time":287697244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.86.49.195","src_port":28681,"dst_port":12019,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":383,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":243617373,"flow_src_last_pkt_time":365428420,"flow_dst_last_pkt_time":365474471,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":77,"flow_src_tot_l4_payload_len":113,"flow_dst_tot_l4_payload_len":186,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.71.243.60","src_port":28681,"dst_port":34498,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90005045,"flow_src_last_pkt_time":287553240,"flow_dst_last_pkt_time":287678696,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":807,"flow_dst_tot_l4_payload_len":4798,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":95784128,"flow_src_last_pkt_time":287510470,"flow_dst_last_pkt_time":287857497,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":2512,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90138420,"flow_src_last_pkt_time":287441093,"flow_dst_last_pkt_time":287483363,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3345,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90005045,"flow_src_last_pkt_time":287553240,"flow_dst_last_pkt_time":287678696,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":807,"flow_dst_tot_l4_payload_len":4798,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":95784128,"flow_src_last_pkt_time":287510470,"flow_dst_last_pkt_time":287857497,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":2512,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90138420,"flow_src_last_pkt_time":287441093,"flow_dst_last_pkt_time":287483363,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3345,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":393,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243619673,"flow_src_last_pkt_time":287426068,"flow_dst_last_pkt_time":243619673,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.115.158.103","src_port":28681,"dst_port":5110,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":382,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243617142,"flow_src_last_pkt_time":287443836,"flow_dst_last_pkt_time":287618162,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.175.11.126","src_port":28681,"dst_port":40958,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":379,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616544,"flow_src_last_pkt_time":287587254,"flow_dst_last_pkt_time":288106579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.140.63.147","src_port":28681,"dst_port":29545,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":3,"flow_first_seen":95716226,"flow_src_last_pkt_time":426377575,"flow_dst_last_pkt_time":426518025,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":61,"flow_src_tot_l4_payload_len":194,"flow_dst_tot_l4_payload_len":165,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00780{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":488,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":264769911,"flow_src_last_pkt_time":264769911,"flow_dst_last_pkt_time":265025254,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":301,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":301,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.90.112","src_port":28681,"dst_port":9852,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":3,"flow_first_seen":95716226,"flow_src_last_pkt_time":426377575,"flow_dst_last_pkt_time":426518025,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":61,"flow_src_tot_l4_payload_len":194,"flow_dst_tot_l4_payload_len":165,"midstream":0,"thread_ts_usec":444674440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00823{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":488,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":264769911,"flow_src_last_pkt_time":264769911,"flow_dst_last_pkt_time":265025254,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":301,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":301,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.90.112","src_port":28681,"dst_port":9852,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00736{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":488,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":264769911,"flow_src_last_pkt_time":264769911,"flow_dst_last_pkt_time":265025254,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":301,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":301,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.90.112","src_port":28681,"dst_port":9852,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":490,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264770979,"flow_src_last_pkt_time":264770979,"flow_dst_last_pkt_time":264770979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.3.215.132","src_port":28681,"dst_port":20356,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":490,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264770979,"flow_src_last_pkt_time":264770979,"flow_dst_last_pkt_time":264770979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.3.215.132","src_port":28681,"dst_port":20356,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":490,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264770979,"flow_src_last_pkt_time":264770979,"flow_dst_last_pkt_time":264770979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.3.215.132","src_port":28681,"dst_port":20356,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":489,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264770348,"flow_src_last_pkt_time":264770348,"flow_dst_last_pkt_time":264770348,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"108.44.45.25","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":489,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264770348,"flow_src_last_pkt_time":264770348,"flow_dst_last_pkt_time":264770348,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"108.44.45.25","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":489,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264770348,"flow_src_last_pkt_time":264770348,"flow_dst_last_pkt_time":264770348,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"108.44.45.25","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":487,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264769233,"flow_src_last_pkt_time":264769233,"flow_dst_last_pkt_time":264769233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":28681,"dst_port":49046,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":487,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264769233,"flow_src_last_pkt_time":264769233,"flow_dst_last_pkt_time":264769233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":28681,"dst_port":49046,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":487,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264769233,"flow_src_last_pkt_time":264769233,"flow_dst_last_pkt_time":264769233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":28681,"dst_port":49046,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":491,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":264771328,"flow_src_last_pkt_time":264771328,"flow_dst_last_pkt_time":265818202,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":303,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":303,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.42.210","src_port":28681,"dst_port":5512,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":491,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":264771328,"flow_src_last_pkt_time":264771328,"flow_dst_last_pkt_time":265818202,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":303,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":303,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.42.210","src_port":28681,"dst_port":5512,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":491,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":264771328,"flow_src_last_pkt_time":264771328,"flow_dst_last_pkt_time":265818202,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":303,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":303,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.42.210","src_port":28681,"dst_port":5512,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":492,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264771658,"flow_src_last_pkt_time":264771658,"flow_dst_last_pkt_time":264771658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.94.41.71","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":492,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264771658,"flow_src_last_pkt_time":264771658,"flow_dst_last_pkt_time":264771658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.94.41.71","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":492,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264771658,"flow_src_last_pkt_time":264771658,"flow_dst_last_pkt_time":264771658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.94.41.71","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":441,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251763326,"flow_src_last_pkt_time":287316376,"flow_dst_last_pkt_time":251763326,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.199.108","src_port":28681,"dst_port":56040,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":101162745,"flow_src_last_pkt_time":287624798,"flow_dst_last_pkt_time":177309077,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":584,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":101162745,"flow_src_last_pkt_time":287624798,"flow_dst_last_pkt_time":177309077,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":584,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00738{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":450,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251765454,"flow_src_last_pkt_time":287317165,"flow_dst_last_pkt_time":287535563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.206.254","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":479,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251801646,"flow_src_last_pkt_time":287320078,"flow_dst_last_pkt_time":251801646,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.13.148","src_port":28681,"dst_port":51896,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":474,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800801,"flow_src_last_pkt_time":287319532,"flow_dst_last_pkt_time":251800801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":45880,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -5111,13 +5111,13 @@ 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":478,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251801401,"flow_src_last_pkt_time":287319958,"flow_dst_last_pkt_time":251801401,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.235.85.44","src_port":28681,"dst_port":64914,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":449,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251765085,"flow_src_last_pkt_time":287317080,"flow_dst_last_pkt_time":251765085,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":28681,"dst_port":8826,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":461,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767577,"flow_src_last_pkt_time":287318236,"flow_dst_last_pkt_time":251767577,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.27.193.124","src_port":28681,"dst_port":50555,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":2,"flow_first_seen":101837355,"flow_src_last_pkt_time":287806064,"flow_dst_last_pkt_time":289958480,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":120,"flow_src_tot_l4_payload_len":274,"flow_dst_tot_l4_payload_len":208,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01061{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":2,"flow_first_seen":101837355,"flow_src_last_pkt_time":287806064,"flow_dst_last_pkt_time":289958480,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":120,"flow_src_tot_l4_payload_len":274,"flow_dst_tot_l4_payload_len":208,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":472,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800408,"flow_src_last_pkt_time":287319339,"flow_dst_last_pkt_time":251800408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":45744,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":471,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800203,"flow_src_last_pkt_time":287319240,"flow_dst_last_pkt_time":251800203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":43457,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":476,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251801076,"flow_src_last_pkt_time":287319762,"flow_dst_last_pkt_time":251801076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.18.172.208","src_port":28681,"dst_port":63172,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":443,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251763807,"flow_src_last_pkt_time":287316570,"flow_dst_last_pkt_time":251763807,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.14.31","src_port":28681,"dst_port":54754,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":754,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":355387386,"flow_src_last_pkt_time":355387386,"flow_dst_last_pkt_time":355387386,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.125.218.84","src_port":28681,"dst_port":17561,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":759,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":400872943,"flow_src_last_pkt_time":400872943,"flow_dst_last_pkt_time":400901727,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":40,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":40,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":759,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":400872943,"flow_src_last_pkt_time":400872943,"flow_dst_last_pkt_time":400901727,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":40,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":40,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":446,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251764559,"flow_src_last_pkt_time":287316810,"flow_dst_last_pkt_time":251764559,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.70.199.107","src_port":28681,"dst_port":60475,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":470,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251799958,"flow_src_last_pkt_time":287319131,"flow_dst_last_pkt_time":251799958,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":28681,"dst_port":46790,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":447,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251764749,"flow_src_last_pkt_time":287316900,"flow_dst_last_pkt_time":287495652,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.199.10.60","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -5127,11 +5127,11 @@ 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":453,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251766030,"flow_src_last_pkt_time":287317454,"flow_dst_last_pkt_time":251766030,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.127.26.138","src_port":28681,"dst_port":3083,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":460,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767408,"flow_src_last_pkt_time":287318133,"flow_dst_last_pkt_time":251767408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"210.194.116.78","src_port":28681,"dst_port":8342,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":454,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251766203,"flow_src_last_pkt_time":287317526,"flow_dst_last_pkt_time":251766203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.121.156","src_port":28681,"dst_port":23183,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00881{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":400018839,"flow_src_last_pkt_time":403044600,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":50213,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -01019{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95893685,"flow_src_last_pkt_time":287318509,"flow_dst_last_pkt_time":287340787,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1668,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00924{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":400018839,"flow_src_last_pkt_time":403044600,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":50213,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +01062{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95893685,"flow_src_last_pkt_time":287318509,"flow_dst_last_pkt_time":287340787,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1668,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":469,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251799823,"flow_src_last_pkt_time":287319016,"flow_dst_last_pkt_time":251799823,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":47184,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":485,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":253025155,"flow_src_last_pkt_time":433136626,"flow_dst_last_pkt_time":253025155,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.209","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95893239,"flow_src_last_pkt_time":287522940,"flow_dst_last_pkt_time":287579763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1785,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01060{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95893239,"flow_src_last_pkt_time":287522940,"flow_dst_last_pkt_time":287579763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1785,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":458,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767115,"flow_src_last_pkt_time":287317920,"flow_dst_last_pkt_time":251767115,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.165.228.167","src_port":28681,"dst_port":12201,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":486,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":253025433,"flow_src_last_pkt_time":433135784,"flow_dst_last_pkt_time":253025433,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.68.45.203","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":457,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251766954,"flow_src_last_pkt_time":287317823,"flow_dst_last_pkt_time":251766954,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.247.240.113","src_port":28681,"dst_port":13867,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -5147,582 +5147,582 @@ 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":475,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800960,"flow_src_last_pkt_time":287319660,"flow_dst_last_pkt_time":251800960,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":28681,"dst_port":63978,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":473,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800608,"flow_src_last_pkt_time":287319436,"flow_dst_last_pkt_time":251800608,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":28681,"dst_port":33564,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6445,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":442,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251763431,"flow_src_last_pkt_time":287316451,"flow_dst_last_pkt_time":251763431,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":454778708,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.204.130.55","src_port":28681,"dst_port":29545,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00879{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6530,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":493,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":280014541,"flow_src_last_pkt_time":283055110,"flow_dst_last_pkt_time":280014541,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":464672275,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57552,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00922{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6530,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":493,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":280014541,"flow_src_last_pkt_time":283055110,"flow_dst_last_pkt_time":280014541,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":464672275,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":57552,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6530,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":751,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":312956911,"flow_src_last_pkt_time":431830157,"flow_dst_last_pkt_time":312956911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":464672275,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00739{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6530,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":335,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":115369554,"flow_src_last_pkt_time":287313555,"flow_dst_last_pkt_time":287650021,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":78,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":265,"midstream":0,"thread_ts_usec":464672275,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":37058,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6530,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":749,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":312956203,"flow_src_last_pkt_time":373496486,"flow_dst_last_pkt_time":312956203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":464672275,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.8.59.80","src_port":28681,"dst_port":35192,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6530,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":752,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":312957456,"flow_src_last_pkt_time":433137328,"flow_dst_last_pkt_time":312957456,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":464672275,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.115.218.152","src_port":28681,"dst_port":5900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6530,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":750,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":312956768,"flow_src_last_pkt_time":373497401,"flow_dst_last_pkt_time":312956768,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":464672275,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.159.27.22","src_port":28681,"dst_port":17563,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6530,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":753,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312961164,"flow_src_last_pkt_time":312961164,"flow_dst_last_pkt_time":312961164,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":464672275,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.84.140.96","src_port":28681,"dst_port":14400,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":577,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287425184,"flow_src_last_pkt_time":287425184,"flow_dst_last_pkt_time":287425184,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.148.100.237","src_port":28681,"dst_port":23459,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":577,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287425184,"flow_src_last_pkt_time":287425184,"flow_dst_last_pkt_time":287425184,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.148.100.237","src_port":28681,"dst_port":23459,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":577,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287425184,"flow_src_last_pkt_time":287425184,"flow_dst_last_pkt_time":287425184,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.148.100.237","src_port":28681,"dst_port":23459,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":586,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287428629,"flow_src_last_pkt_time":287428629,"flow_dst_last_pkt_time":287428629,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.124.66.33","src_port":28681,"dst_port":13060,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":586,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287428629,"flow_src_last_pkt_time":287428629,"flow_dst_last_pkt_time":287428629,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.124.66.33","src_port":28681,"dst_port":13060,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":586,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287428629,"flow_src_last_pkt_time":287428629,"flow_dst_last_pkt_time":287428629,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.124.66.33","src_port":28681,"dst_port":13060,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":619,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287484830,"flow_src_last_pkt_time":287484830,"flow_dst_last_pkt_time":287484830,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.172.184.48","src_port":28681,"dst_port":13281,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":619,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287484830,"flow_src_last_pkt_time":287484830,"flow_dst_last_pkt_time":287484830,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.172.184.48","src_port":28681,"dst_port":13281,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":619,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287484830,"flow_src_last_pkt_time":287484830,"flow_dst_last_pkt_time":287484830,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.172.184.48","src_port":28681,"dst_port":13281,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":377,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243616097,"flow_src_last_pkt_time":287511110,"flow_dst_last_pkt_time":243616097,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"180.200.236.13","src_port":28681,"dst_port":12082,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":377,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243616097,"flow_src_last_pkt_time":287511110,"flow_dst_last_pkt_time":243616097,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"180.200.236.13","src_port":28681,"dst_port":12082,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":377,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243616097,"flow_src_last_pkt_time":287511110,"flow_dst_last_pkt_time":243616097,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"180.200.236.13","src_port":28681,"dst_port":12082,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":526,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287321004,"flow_src_last_pkt_time":287321004,"flow_dst_last_pkt_time":287321004,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.234.197.93","src_port":28681,"dst_port":1483,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":526,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287321004,"flow_src_last_pkt_time":287321004,"flow_dst_last_pkt_time":287321004,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.234.197.93","src_port":28681,"dst_port":1483,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":526,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287321004,"flow_src_last_pkt_time":287321004,"flow_dst_last_pkt_time":287321004,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.234.197.93","src_port":28681,"dst_port":1483,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":509,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287313271,"flow_src_last_pkt_time":287313271,"flow_dst_last_pkt_time":287313271,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.142.109.190","src_port":28681,"dst_port":41370,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":509,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287313271,"flow_src_last_pkt_time":287313271,"flow_dst_last_pkt_time":287313271,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.142.109.190","src_port":28681,"dst_port":41370,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":509,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287313271,"flow_src_last_pkt_time":287313271,"flow_dst_last_pkt_time":287313271,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.142.109.190","src_port":28681,"dst_port":41370,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":670,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287589463,"flow_src_last_pkt_time":287589463,"flow_dst_last_pkt_time":287589463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.200.235","src_port":28681,"dst_port":2846,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":670,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287589463,"flow_src_last_pkt_time":287589463,"flow_dst_last_pkt_time":287589463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.200.235","src_port":28681,"dst_port":2846,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":670,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287589463,"flow_src_last_pkt_time":287589463,"flow_dst_last_pkt_time":287589463,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.200.235","src_port":28681,"dst_port":2846,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":610,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287444410,"flow_src_last_pkt_time":287444410,"flow_dst_last_pkt_time":287444410,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.241.162.162","src_port":28681,"dst_port":59016,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":610,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287444410,"flow_src_last_pkt_time":287444410,"flow_dst_last_pkt_time":287444410,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.241.162.162","src_port":28681,"dst_port":59016,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":610,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287444410,"flow_src_last_pkt_time":287444410,"flow_dst_last_pkt_time":287444410,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.241.162.162","src_port":28681,"dst_port":59016,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":691,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287623920,"flow_src_last_pkt_time":287623920,"flow_dst_last_pkt_time":287623920,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.18.212.223","src_port":28681,"dst_port":50637,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":691,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287623920,"flow_src_last_pkt_time":287623920,"flow_dst_last_pkt_time":287623920,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.18.212.223","src_port":28681,"dst_port":50637,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":691,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287623920,"flow_src_last_pkt_time":287623920,"flow_dst_last_pkt_time":287623920,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.18.212.223","src_port":28681,"dst_port":50637,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":441,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251763326,"flow_src_last_pkt_time":287316376,"flow_dst_last_pkt_time":251763326,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.199.108","src_port":28681,"dst_port":56040,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":441,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251763326,"flow_src_last_pkt_time":287316376,"flow_dst_last_pkt_time":251763326,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.199.108","src_port":28681,"dst_port":56040,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":441,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251763326,"flow_src_last_pkt_time":287316376,"flow_dst_last_pkt_time":251763326,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.199.108","src_port":28681,"dst_port":56040,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":701,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287650717,"flow_src_last_pkt_time":287650717,"flow_dst_last_pkt_time":287650717,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.206.27.26","src_port":28681,"dst_port":6578,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":701,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287650717,"flow_src_last_pkt_time":287650717,"flow_dst_last_pkt_time":287650717,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.206.27.26","src_port":28681,"dst_port":6578,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":701,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287650717,"flow_src_last_pkt_time":287650717,"flow_dst_last_pkt_time":287650717,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.206.27.26","src_port":28681,"dst_port":6578,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":511,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314350,"flow_src_last_pkt_time":287314350,"flow_dst_last_pkt_time":287314350,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.47.223.27","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":511,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314350,"flow_src_last_pkt_time":287314350,"flow_dst_last_pkt_time":287314350,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.47.223.27","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":511,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314350,"flow_src_last_pkt_time":287314350,"flow_dst_last_pkt_time":287314350,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.47.223.27","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":101162745,"flow_src_last_pkt_time":287624798,"flow_dst_last_pkt_time":177309077,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":584,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01016{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":168555545,"flow_src_last_pkt_time":287428135,"flow_dst_last_pkt_time":287464674,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":483,"flow_dst_tot_l4_payload_len":1891,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":28681,"dst_port":9915,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00780{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":450,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251765454,"flow_src_last_pkt_time":287317165,"flow_dst_last_pkt_time":287535563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.206.254","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01060{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":101162745,"flow_src_last_pkt_time":287624798,"flow_dst_last_pkt_time":177309077,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":584,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01059{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":168555545,"flow_src_last_pkt_time":287428135,"flow_dst_last_pkt_time":287464674,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":483,"flow_dst_tot_l4_payload_len":1891,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":28681,"dst_port":9915,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00823{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":450,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251765454,"flow_src_last_pkt_time":287317165,"flow_dst_last_pkt_time":287535563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.206.254","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00736{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":450,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251765454,"flow_src_last_pkt_time":287317165,"flow_dst_last_pkt_time":287535563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.206.254","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":496,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287309338,"flow_src_last_pkt_time":287309338,"flow_dst_last_pkt_time":287309338,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.173.230.98","src_port":28681,"dst_port":19004,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":496,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287309338,"flow_src_last_pkt_time":287309338,"flow_dst_last_pkt_time":287309338,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.173.230.98","src_port":28681,"dst_port":19004,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":496,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287309338,"flow_src_last_pkt_time":287309338,"flow_dst_last_pkt_time":287309338,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.173.230.98","src_port":28681,"dst_port":19004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":592,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287429914,"flow_src_last_pkt_time":287429914,"flow_dst_last_pkt_time":287624396,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.36.249.91","src_port":28681,"dst_port":7190,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":592,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287429914,"flow_src_last_pkt_time":287429914,"flow_dst_last_pkt_time":287624396,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.36.249.91","src_port":28681,"dst_port":7190,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":592,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287429914,"flow_src_last_pkt_time":287429914,"flow_dst_last_pkt_time":287624396,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.36.249.91","src_port":28681,"dst_port":7190,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":702,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287651077,"flow_src_last_pkt_time":287651077,"flow_dst_last_pkt_time":287651077,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.190.184","src_port":28681,"dst_port":64163,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":702,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287651077,"flow_src_last_pkt_time":287651077,"flow_dst_last_pkt_time":287651077,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.190.184","src_port":28681,"dst_port":64163,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":702,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287651077,"flow_src_last_pkt_time":287651077,"flow_dst_last_pkt_time":287651077,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.190.184","src_port":28681,"dst_port":64163,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":495,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287308993,"flow_src_last_pkt_time":287308993,"flow_dst_last_pkt_time":287308993,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.247.89.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":495,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287308993,"flow_src_last_pkt_time":287308993,"flow_dst_last_pkt_time":287308993,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.247.89.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":495,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287308993,"flow_src_last_pkt_time":287308993,"flow_dst_last_pkt_time":287308993,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.247.89.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":479,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251801646,"flow_src_last_pkt_time":287320078,"flow_dst_last_pkt_time":251801646,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.13.148","src_port":28681,"dst_port":51896,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":479,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251801646,"flow_src_last_pkt_time":287320078,"flow_dst_last_pkt_time":251801646,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.13.148","src_port":28681,"dst_port":51896,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":479,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251801646,"flow_src_last_pkt_time":287320078,"flow_dst_last_pkt_time":251801646,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.13.148","src_port":28681,"dst_port":51896,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":603,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287442897,"flow_src_last_pkt_time":287442897,"flow_dst_last_pkt_time":287442897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.36.249.91","src_port":28681,"dst_port":64577,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":603,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287442897,"flow_src_last_pkt_time":287442897,"flow_dst_last_pkt_time":287442897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.36.249.91","src_port":28681,"dst_port":64577,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":603,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287442897,"flow_src_last_pkt_time":287442897,"flow_dst_last_pkt_time":287442897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.36.249.91","src_port":28681,"dst_port":64577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":394,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243619784,"flow_src_last_pkt_time":287427833,"flow_dst_last_pkt_time":287621392,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.84.134.136","src_port":28681,"dst_port":21407,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":394,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243619784,"flow_src_last_pkt_time":287427833,"flow_dst_last_pkt_time":287621392,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.84.134.136","src_port":28681,"dst_port":21407,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":394,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243619784,"flow_src_last_pkt_time":287427833,"flow_dst_last_pkt_time":287621392,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.84.134.136","src_port":28681,"dst_port":21407,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":90005361,"flow_src_last_pkt_time":287321463,"flow_dst_last_pkt_time":287355218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":726,"flow_dst_tot_l4_payload_len":4067,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":741,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287859998,"flow_src_last_pkt_time":287859998,"flow_dst_last_pkt_time":287859998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.25.47","src_port":28681,"dst_port":21293,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01059{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":90005361,"flow_src_last_pkt_time":287321463,"flow_dst_last_pkt_time":287355218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":726,"flow_dst_tot_l4_payload_len":4067,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":741,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287859998,"flow_src_last_pkt_time":287859998,"flow_dst_last_pkt_time":287859998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.25.47","src_port":28681,"dst_port":21293,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":741,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287859998,"flow_src_last_pkt_time":287859998,"flow_dst_last_pkt_time":287859998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.25.47","src_port":28681,"dst_port":21293,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":647,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287511462,"flow_src_last_pkt_time":287511462,"flow_dst_last_pkt_time":287511462,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.10.152","src_port":28681,"dst_port":21293,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":647,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287511462,"flow_src_last_pkt_time":287511462,"flow_dst_last_pkt_time":287511462,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.10.152","src_port":28681,"dst_port":21293,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":647,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287511462,"flow_src_last_pkt_time":287511462,"flow_dst_last_pkt_time":287511462,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.10.152","src_port":28681,"dst_port":21293,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":622,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287485837,"flow_src_last_pkt_time":287485837,"flow_dst_last_pkt_time":287485837,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":28681,"dst_port":3227,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":622,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287485837,"flow_src_last_pkt_time":287485837,"flow_dst_last_pkt_time":287485837,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":28681,"dst_port":3227,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":622,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287485837,"flow_src_last_pkt_time":287485837,"flow_dst_last_pkt_time":287485837,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":28681,"dst_port":3227,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":516,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287315409,"flow_src_last_pkt_time":287315409,"flow_dst_last_pkt_time":287315409,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.246.147.72","src_port":28681,"dst_port":4572,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":516,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287315409,"flow_src_last_pkt_time":287315409,"flow_dst_last_pkt_time":287315409,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.246.147.72","src_port":28681,"dst_port":4572,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":516,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287315409,"flow_src_last_pkt_time":287315409,"flow_dst_last_pkt_time":287315409,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.246.147.72","src_port":28681,"dst_port":4572,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":734,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287858651,"flow_src_last_pkt_time":287858651,"flow_dst_last_pkt_time":287858651,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.199.148.6","src_port":28681,"dst_port":4338,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":734,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287858651,"flow_src_last_pkt_time":287858651,"flow_dst_last_pkt_time":287858651,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.199.148.6","src_port":28681,"dst_port":4338,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":734,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287858651,"flow_src_last_pkt_time":287858651,"flow_dst_last_pkt_time":287858651,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.199.148.6","src_port":28681,"dst_port":4338,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":597,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287441868,"flow_src_last_pkt_time":287441868,"flow_dst_last_pkt_time":287441868,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.236.203.37","src_port":28681,"dst_port":52274,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":597,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287441868,"flow_src_last_pkt_time":287441868,"flow_dst_last_pkt_time":287441868,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.236.203.37","src_port":28681,"dst_port":52274,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":597,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287441868,"flow_src_last_pkt_time":287441868,"flow_dst_last_pkt_time":287441868,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.236.203.37","src_port":28681,"dst_port":52274,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":676,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287600343,"flow_src_last_pkt_time":287600343,"flow_dst_last_pkt_time":287600343,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.118.77","src_port":28681,"dst_port":62191,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":676,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287600343,"flow_src_last_pkt_time":287600343,"flow_dst_last_pkt_time":287600343,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.118.77","src_port":28681,"dst_port":62191,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":676,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287600343,"flow_src_last_pkt_time":287600343,"flow_dst_last_pkt_time":287600343,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.118.77","src_port":28681,"dst_port":62191,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":124066131,"flow_src_last_pkt_time":287321260,"flow_dst_last_pkt_time":124181723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49732,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":739,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287859998,"flow_src_last_pkt_time":287859998,"flow_dst_last_pkt_time":287859998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":28681,"dst_port":3256,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01059{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":124066131,"flow_src_last_pkt_time":287321260,"flow_dst_last_pkt_time":124181723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49732,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":739,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287859998,"flow_src_last_pkt_time":287859998,"flow_dst_last_pkt_time":287859998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":28681,"dst_port":3256,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":739,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287859998,"flow_src_last_pkt_time":287859998,"flow_dst_last_pkt_time":287859998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":28681,"dst_port":3256,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":629,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287496517,"flow_src_last_pkt_time":287539055,"flow_dst_last_pkt_time":287579829,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.65.87.24","src_port":28681,"dst_port":16201,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":629,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287496517,"flow_src_last_pkt_time":287539055,"flow_dst_last_pkt_time":287579829,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.65.87.24","src_port":28681,"dst_port":16201,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":629,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287496517,"flow_src_last_pkt_time":287539055,"flow_dst_last_pkt_time":287579829,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.65.87.24","src_port":28681,"dst_port":16201,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00781{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":617,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287469025,"flow_src_last_pkt_time":287753028,"flow_dst_last_pkt_time":288019720,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.208.167.152","src_port":28681,"dst_port":30628,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00824{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":617,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287469025,"flow_src_last_pkt_time":287753028,"flow_dst_last_pkt_time":288019720,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.208.167.152","src_port":28681,"dst_port":30628,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00737{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":617,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287469025,"flow_src_last_pkt_time":287753028,"flow_dst_last_pkt_time":288019720,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.208.167.152","src_port":28681,"dst_port":30628,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":596,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287441707,"flow_src_last_pkt_time":287441707,"flow_dst_last_pkt_time":287441707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.18.212.223","src_port":28681,"dst_port":58954,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":596,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287441707,"flow_src_last_pkt_time":287441707,"flow_dst_last_pkt_time":287441707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.18.212.223","src_port":28681,"dst_port":58954,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":596,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287441707,"flow_src_last_pkt_time":287441707,"flow_dst_last_pkt_time":287441707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.18.212.223","src_port":28681,"dst_port":58954,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":474,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800801,"flow_src_last_pkt_time":287319532,"flow_dst_last_pkt_time":251800801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":45880,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":474,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800801,"flow_src_last_pkt_time":287319532,"flow_dst_last_pkt_time":251800801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":45880,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":474,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800801,"flow_src_last_pkt_time":287319532,"flow_dst_last_pkt_time":251800801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":45880,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":714,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287681495,"flow_src_last_pkt_time":287681495,"flow_dst_last_pkt_time":287681495,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":28681,"dst_port":51379,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":714,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287681495,"flow_src_last_pkt_time":287681495,"flow_dst_last_pkt_time":287681495,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":28681,"dst_port":51379,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":714,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287681495,"flow_src_last_pkt_time":287681495,"flow_dst_last_pkt_time":287681495,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":28681,"dst_port":51379,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":593,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287430116,"flow_src_last_pkt_time":287430116,"flow_dst_last_pkt_time":287430116,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.26.16","src_port":28681,"dst_port":9747,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":593,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287430116,"flow_src_last_pkt_time":287430116,"flow_dst_last_pkt_time":287430116,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.26.16","src_port":28681,"dst_port":9747,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":593,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287430116,"flow_src_last_pkt_time":287430116,"flow_dst_last_pkt_time":287430116,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.26.16","src_port":28681,"dst_port":9747,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":571,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287423574,"flow_src_last_pkt_time":287423574,"flow_dst_last_pkt_time":287423574,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.40.163.123","src_port":28681,"dst_port":55341,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":571,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287423574,"flow_src_last_pkt_time":287423574,"flow_dst_last_pkt_time":287423574,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.40.163.123","src_port":28681,"dst_port":55341,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":571,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287423574,"flow_src_last_pkt_time":287423574,"flow_dst_last_pkt_time":287423574,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.40.163.123","src_port":28681,"dst_port":55341,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":524,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287320775,"flow_src_last_pkt_time":287320775,"flow_dst_last_pkt_time":287320775,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.193.171.146","src_port":28681,"dst_port":65362,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":524,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287320775,"flow_src_last_pkt_time":287320775,"flow_dst_last_pkt_time":287320775,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.193.171.146","src_port":28681,"dst_port":65362,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":524,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287320775,"flow_src_last_pkt_time":287320775,"flow_dst_last_pkt_time":287320775,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.193.171.146","src_port":28681,"dst_port":65362,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":643,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287499386,"flow_src_last_pkt_time":287795084,"flow_dst_last_pkt_time":288088505,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.39.142.122","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":643,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287499386,"flow_src_last_pkt_time":287795084,"flow_dst_last_pkt_time":288088505,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.39.142.122","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":643,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287499386,"flow_src_last_pkt_time":287795084,"flow_dst_last_pkt_time":288088505,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.39.142.122","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":477,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251801238,"flow_src_last_pkt_time":287319859,"flow_dst_last_pkt_time":251801238,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":45640,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":477,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251801238,"flow_src_last_pkt_time":287319859,"flow_dst_last_pkt_time":251801238,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":45640,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":477,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251801238,"flow_src_last_pkt_time":287319859,"flow_dst_last_pkt_time":251801238,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":45640,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":444,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251764172,"flow_src_last_pkt_time":287316645,"flow_dst_last_pkt_time":251764172,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.117.100.78","src_port":28681,"dst_port":9010,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":444,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251764172,"flow_src_last_pkt_time":287316645,"flow_dst_last_pkt_time":251764172,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.117.100.78","src_port":28681,"dst_port":9010,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":444,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251764172,"flow_src_last_pkt_time":287316645,"flow_dst_last_pkt_time":251764172,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.117.100.78","src_port":28681,"dst_port":9010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":572,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287423848,"flow_src_last_pkt_time":287557214,"flow_dst_last_pkt_time":287657263,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.153.21.93","src_port":28681,"dst_port":36696,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":572,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287423848,"flow_src_last_pkt_time":287557214,"flow_dst_last_pkt_time":287657263,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.153.21.93","src_port":28681,"dst_port":36696,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":572,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287423848,"flow_src_last_pkt_time":287557214,"flow_dst_last_pkt_time":287657263,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.153.21.93","src_port":28681,"dst_port":36696,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":478,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251801401,"flow_src_last_pkt_time":287319958,"flow_dst_last_pkt_time":251801401,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.235.85.44","src_port":28681,"dst_port":64914,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":478,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251801401,"flow_src_last_pkt_time":287319958,"flow_dst_last_pkt_time":251801401,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.235.85.44","src_port":28681,"dst_port":64914,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":478,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251801401,"flow_src_last_pkt_time":287319958,"flow_dst_last_pkt_time":251801401,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.235.85.44","src_port":28681,"dst_port":64914,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":449,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251765085,"flow_src_last_pkt_time":287317080,"flow_dst_last_pkt_time":251765085,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":28681,"dst_port":8826,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":449,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251765085,"flow_src_last_pkt_time":287317080,"flow_dst_last_pkt_time":251765085,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":28681,"dst_port":8826,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":449,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251765085,"flow_src_last_pkt_time":287317080,"flow_dst_last_pkt_time":251765085,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":28681,"dst_port":8826,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":650,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287512050,"flow_src_last_pkt_time":287512050,"flow_dst_last_pkt_time":287512050,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.117.100.78","src_port":28681,"dst_port":56128,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":650,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287512050,"flow_src_last_pkt_time":287512050,"flow_dst_last_pkt_time":287512050,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.117.100.78","src_port":28681,"dst_port":56128,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":650,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287512050,"flow_src_last_pkt_time":287512050,"flow_dst_last_pkt_time":287512050,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.117.100.78","src_port":28681,"dst_port":56128,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":461,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767577,"flow_src_last_pkt_time":287318236,"flow_dst_last_pkt_time":251767577,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.27.193.124","src_port":28681,"dst_port":50555,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":461,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767577,"flow_src_last_pkt_time":287318236,"flow_dst_last_pkt_time":251767577,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.27.193.124","src_port":28681,"dst_port":50555,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":461,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767577,"flow_src_last_pkt_time":287318236,"flow_dst_last_pkt_time":251767577,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.27.193.124","src_port":28681,"dst_port":50555,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":520,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287320292,"flow_src_last_pkt_time":287320292,"flow_dst_last_pkt_time":287546422,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":28681,"dst_port":3339,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":520,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287320292,"flow_src_last_pkt_time":287320292,"flow_dst_last_pkt_time":287546422,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":28681,"dst_port":3339,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":520,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287320292,"flow_src_last_pkt_time":287320292,"flow_dst_last_pkt_time":287546422,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":28681,"dst_port":3339,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00781{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":335,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":115369554,"flow_src_last_pkt_time":287313555,"flow_dst_last_pkt_time":287650021,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":78,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":265,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":37058,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00824{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":335,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":115369554,"flow_src_last_pkt_time":287313555,"flow_dst_last_pkt_time":287650021,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":78,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":265,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":37058,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00737{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":335,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":115369554,"flow_src_last_pkt_time":287313555,"flow_dst_last_pkt_time":287650021,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":78,"flow_src_tot_l4_payload_len":142,"flow_dst_tot_l4_payload_len":265,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":37058,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":636,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287498023,"flow_src_last_pkt_time":287498023,"flow_dst_last_pkt_time":287498023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.48.23","src_port":28681,"dst_port":2556,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":636,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287498023,"flow_src_last_pkt_time":287498023,"flow_dst_last_pkt_time":287498023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.48.23","src_port":28681,"dst_port":2556,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":636,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287498023,"flow_src_last_pkt_time":287498023,"flow_dst_last_pkt_time":287498023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.48.23","src_port":28681,"dst_port":2556,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":2,"flow_first_seen":101837355,"flow_src_last_pkt_time":287806064,"flow_dst_last_pkt_time":289958480,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":120,"flow_src_tot_l4_payload_len":274,"flow_dst_tot_l4_payload_len":208,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":637,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287498205,"flow_src_last_pkt_time":287498205,"flow_dst_last_pkt_time":287498205,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.193.171.146","src_port":28681,"dst_port":53143,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01059{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":2,"flow_first_seen":101837355,"flow_src_last_pkt_time":287806064,"flow_dst_last_pkt_time":289958480,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":120,"flow_src_tot_l4_payload_len":274,"flow_dst_tot_l4_payload_len":208,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":637,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287498205,"flow_src_last_pkt_time":287498205,"flow_dst_last_pkt_time":287498205,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.193.171.146","src_port":28681,"dst_port":53143,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":637,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287498205,"flow_src_last_pkt_time":287498205,"flow_dst_last_pkt_time":287498205,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.193.171.146","src_port":28681,"dst_port":53143,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":638,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287498394,"flow_src_last_pkt_time":287498394,"flow_dst_last_pkt_time":287498394,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.194.73","src_port":28681,"dst_port":1995,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":638,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287498394,"flow_src_last_pkt_time":287498394,"flow_dst_last_pkt_time":287498394,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.194.73","src_port":28681,"dst_port":1995,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":638,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287498394,"flow_src_last_pkt_time":287498394,"flow_dst_last_pkt_time":287498394,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.194.73","src_port":28681,"dst_port":1995,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":677,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287600705,"flow_src_last_pkt_time":287600705,"flow_dst_last_pkt_time":287600705,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.64.208.110","src_port":28681,"dst_port":55550,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":677,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287600705,"flow_src_last_pkt_time":287600705,"flow_dst_last_pkt_time":287600705,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.64.208.110","src_port":28681,"dst_port":55550,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":677,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287600705,"flow_src_last_pkt_time":287600705,"flow_dst_last_pkt_time":287600705,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.64.208.110","src_port":28681,"dst_port":55550,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":723,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287683829,"flow_src_last_pkt_time":287683829,"flow_dst_last_pkt_time":287683829,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.32.245.121","src_port":28681,"dst_port":12333,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":723,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287683829,"flow_src_last_pkt_time":287683829,"flow_dst_last_pkt_time":287683829,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.32.245.121","src_port":28681,"dst_port":12333,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":723,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287683829,"flow_src_last_pkt_time":287683829,"flow_dst_last_pkt_time":287683829,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.32.245.121","src_port":28681,"dst_port":12333,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":578,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287425422,"flow_src_last_pkt_time":287425422,"flow_dst_last_pkt_time":287425422,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.205.243.44","src_port":28681,"dst_port":46006,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":578,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287425422,"flow_src_last_pkt_time":287425422,"flow_dst_last_pkt_time":287425422,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.205.243.44","src_port":28681,"dst_port":46006,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":578,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287425422,"flow_src_last_pkt_time":287425422,"flow_dst_last_pkt_time":287425422,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.205.243.44","src_port":28681,"dst_port":46006,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":738,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287859998,"flow_src_last_pkt_time":287859998,"flow_dst_last_pkt_time":287859998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"174.115.127.251","src_port":28681,"dst_port":23897,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":738,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287859998,"flow_src_last_pkt_time":287859998,"flow_dst_last_pkt_time":287859998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"174.115.127.251","src_port":28681,"dst_port":23897,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":738,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287859998,"flow_src_last_pkt_time":287859998,"flow_dst_last_pkt_time":287859998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"174.115.127.251","src_port":28681,"dst_port":23897,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":584,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287427637,"flow_src_last_pkt_time":287427637,"flow_dst_last_pkt_time":287522426,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.193.171.146","src_port":28681,"dst_port":18360,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":584,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287427637,"flow_src_last_pkt_time":287427637,"flow_dst_last_pkt_time":287522426,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.193.171.146","src_port":28681,"dst_port":18360,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":584,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287427637,"flow_src_last_pkt_time":287427637,"flow_dst_last_pkt_time":287522426,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.193.171.146","src_port":28681,"dst_port":18360,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":472,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800408,"flow_src_last_pkt_time":287319339,"flow_dst_last_pkt_time":251800408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":45744,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":472,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800408,"flow_src_last_pkt_time":287319339,"flow_dst_last_pkt_time":251800408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":45744,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":472,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800408,"flow_src_last_pkt_time":287319339,"flow_dst_last_pkt_time":251800408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":45744,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":471,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800203,"flow_src_last_pkt_time":287319240,"flow_dst_last_pkt_time":251800203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":43457,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":471,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800203,"flow_src_last_pkt_time":287319240,"flow_dst_last_pkt_time":251800203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":43457,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":471,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800203,"flow_src_last_pkt_time":287319240,"flow_dst_last_pkt_time":251800203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":43457,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":745,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":288355413,"flow_src_last_pkt_time":288355413,"flow_dst_last_pkt_time":288355413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":48250,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":745,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":288355413,"flow_src_last_pkt_time":288355413,"flow_dst_last_pkt_time":288355413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":48250,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":745,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":288355413,"flow_src_last_pkt_time":288355413,"flow_dst_last_pkt_time":288355413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":48250,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":708,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287653242,"flow_src_last_pkt_time":287653242,"flow_dst_last_pkt_time":287653242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.14.31","src_port":28681,"dst_port":64871,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":708,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287653242,"flow_src_last_pkt_time":287653242,"flow_dst_last_pkt_time":287653242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.14.31","src_port":28681,"dst_port":64871,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":708,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287653242,"flow_src_last_pkt_time":287653242,"flow_dst_last_pkt_time":287653242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.14.31","src_port":28681,"dst_port":64871,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":501,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287310956,"flow_src_last_pkt_time":287310956,"flow_dst_last_pkt_time":287310956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.160.214.137","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":501,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287310956,"flow_src_last_pkt_time":287310956,"flow_dst_last_pkt_time":287310956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.160.214.137","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":501,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287310956,"flow_src_last_pkt_time":287310956,"flow_dst_last_pkt_time":287310956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.160.214.137","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":476,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251801076,"flow_src_last_pkt_time":287319762,"flow_dst_last_pkt_time":251801076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.18.172.208","src_port":28681,"dst_port":63172,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":476,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251801076,"flow_src_last_pkt_time":287319762,"flow_dst_last_pkt_time":251801076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.18.172.208","src_port":28681,"dst_port":63172,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":476,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251801076,"flow_src_last_pkt_time":287319762,"flow_dst_last_pkt_time":251801076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.18.172.208","src_port":28681,"dst_port":63172,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":381,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616903,"flow_src_last_pkt_time":287526058,"flow_dst_last_pkt_time":287598509,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.58.211.52","src_port":28681,"dst_port":3806,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":381,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616903,"flow_src_last_pkt_time":287526058,"flow_dst_last_pkt_time":287598509,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.58.211.52","src_port":28681,"dst_port":3806,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":381,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616903,"flow_src_last_pkt_time":287526058,"flow_dst_last_pkt_time":287598509,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.58.211.52","src_port":28681,"dst_port":3806,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":684,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287621585,"flow_src_last_pkt_time":287621585,"flow_dst_last_pkt_time":287621585,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":54459,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":684,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287621585,"flow_src_last_pkt_time":287621585,"flow_dst_last_pkt_time":287621585,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":54459,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":684,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287621585,"flow_src_last_pkt_time":287621585,"flow_dst_last_pkt_time":287621585,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":54459,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":386,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243618410,"flow_src_last_pkt_time":287682903,"flow_dst_last_pkt_time":243618410,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.172.10.90","src_port":28681,"dst_port":40162,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":386,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243618410,"flow_src_last_pkt_time":287682903,"flow_dst_last_pkt_time":243618410,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.172.10.90","src_port":28681,"dst_port":40162,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":386,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243618410,"flow_src_last_pkt_time":287682903,"flow_dst_last_pkt_time":243618410,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.172.10.90","src_port":28681,"dst_port":40162,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01014{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":124090730,"flow_src_last_pkt_time":287316477,"flow_dst_last_pkt_time":287421199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":28681,"dst_port":6778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":506,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287312421,"flow_src_last_pkt_time":287312421,"flow_dst_last_pkt_time":287312421,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"136.32.84.139","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01057{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":124090730,"flow_src_last_pkt_time":287316477,"flow_dst_last_pkt_time":287421199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":28681,"dst_port":6778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":506,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287312421,"flow_src_last_pkt_time":287312421,"flow_dst_last_pkt_time":287312421,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"136.32.84.139","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":506,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287312421,"flow_src_last_pkt_time":287312421,"flow_dst_last_pkt_time":287312421,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"136.32.84.139","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":620,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287485157,"flow_src_last_pkt_time":287485157,"flow_dst_last_pkt_time":287485157,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.163.14.246","src_port":28681,"dst_port":1630,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":620,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287485157,"flow_src_last_pkt_time":287485157,"flow_dst_last_pkt_time":287485157,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.163.14.246","src_port":28681,"dst_port":1630,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":620,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287485157,"flow_src_last_pkt_time":287485157,"flow_dst_last_pkt_time":287485157,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.163.14.246","src_port":28681,"dst_port":1630,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":606,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287443565,"flow_src_last_pkt_time":287443565,"flow_dst_last_pkt_time":287443565,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":56070,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":606,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287443565,"flow_src_last_pkt_time":287443565,"flow_dst_last_pkt_time":287443565,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":56070,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":606,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287443565,"flow_src_last_pkt_time":287443565,"flow_dst_last_pkt_time":287443565,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":56070,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":692,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287624187,"flow_src_last_pkt_time":287624187,"flow_dst_last_pkt_time":287624187,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.93.150.146","src_port":28681,"dst_port":62507,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":692,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287624187,"flow_src_last_pkt_time":287624187,"flow_dst_last_pkt_time":287624187,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.93.150.146","src_port":28681,"dst_port":62507,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":692,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287624187,"flow_src_last_pkt_time":287624187,"flow_dst_last_pkt_time":287624187,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.93.150.146","src_port":28681,"dst_port":62507,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90184128,"flow_src_last_pkt_time":287700104,"flow_dst_last_pkt_time":288014846,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3215,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":621,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287485511,"flow_src_last_pkt_time":287485511,"flow_dst_last_pkt_time":287485511,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":28681,"dst_port":53516,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01060{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90184128,"flow_src_last_pkt_time":287700104,"flow_dst_last_pkt_time":288014846,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3215,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":621,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287485511,"flow_src_last_pkt_time":287485511,"flow_dst_last_pkt_time":287485511,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":28681,"dst_port":53516,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":621,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287485511,"flow_src_last_pkt_time":287485511,"flow_dst_last_pkt_time":287485511,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":28681,"dst_port":53516,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":668,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287588865,"flow_src_last_pkt_time":287588865,"flow_dst_last_pkt_time":287588865,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.18.211.177","src_port":28681,"dst_port":18085,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":668,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287588865,"flow_src_last_pkt_time":287588865,"flow_dst_last_pkt_time":287588865,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.18.211.177","src_port":28681,"dst_port":18085,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":668,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287588865,"flow_src_last_pkt_time":287588865,"flow_dst_last_pkt_time":287588865,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.18.211.177","src_port":28681,"dst_port":18085,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":721,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287683345,"flow_src_last_pkt_time":287683345,"flow_dst_last_pkt_time":287683345,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.26.178.132","src_port":28681,"dst_port":10053,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":721,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287683345,"flow_src_last_pkt_time":287683345,"flow_dst_last_pkt_time":287683345,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.26.178.132","src_port":28681,"dst_port":10053,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":721,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287683345,"flow_src_last_pkt_time":287683345,"flow_dst_last_pkt_time":287683345,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.26.178.132","src_port":28681,"dst_port":10053,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":443,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251763807,"flow_src_last_pkt_time":287316570,"flow_dst_last_pkt_time":251763807,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.14.31","src_port":28681,"dst_port":54754,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":443,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251763807,"flow_src_last_pkt_time":287316570,"flow_dst_last_pkt_time":251763807,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.14.31","src_port":28681,"dst_port":54754,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":443,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251763807,"flow_src_last_pkt_time":287316570,"flow_dst_last_pkt_time":251763807,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.14.31","src_port":28681,"dst_port":54754,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":698,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287649195,"flow_src_last_pkt_time":287649195,"flow_dst_last_pkt_time":287649195,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.199.10.60","src_port":28681,"dst_port":53906,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":698,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287649195,"flow_src_last_pkt_time":287649195,"flow_dst_last_pkt_time":287649195,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.199.10.60","src_port":28681,"dst_port":53906,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":698,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287649195,"flow_src_last_pkt_time":287649195,"flow_dst_last_pkt_time":287649195,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.199.10.60","src_port":28681,"dst_port":53906,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":623,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287486202,"flow_src_last_pkt_time":287486202,"flow_dst_last_pkt_time":287486202,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.234.18.166","src_port":28681,"dst_port":61319,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":623,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287486202,"flow_src_last_pkt_time":287486202,"flow_dst_last_pkt_time":287486202,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.234.18.166","src_port":28681,"dst_port":61319,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":623,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287486202,"flow_src_last_pkt_time":287486202,"flow_dst_last_pkt_time":287486202,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.234.18.166","src_port":28681,"dst_port":61319,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":715,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287681721,"flow_src_last_pkt_time":287681721,"flow_dst_last_pkt_time":287681721,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.174.174.69","src_port":28681,"dst_port":21358,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":715,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287681721,"flow_src_last_pkt_time":287681721,"flow_dst_last_pkt_time":287681721,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.174.174.69","src_port":28681,"dst_port":21358,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":715,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287681721,"flow_src_last_pkt_time":287681721,"flow_dst_last_pkt_time":287681721,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.174.174.69","src_port":28681,"dst_port":21358,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":615,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287467615,"flow_src_last_pkt_time":287467615,"flow_dst_last_pkt_time":287467615,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.118.77","src_port":28681,"dst_port":60482,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":615,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287467615,"flow_src_last_pkt_time":287467615,"flow_dst_last_pkt_time":287467615,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.118.77","src_port":28681,"dst_port":60482,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":615,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287467615,"flow_src_last_pkt_time":287467615,"flow_dst_last_pkt_time":287467615,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.118.77","src_port":28681,"dst_port":60482,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":747,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":289961626,"flow_src_last_pkt_time":289961626,"flow_dst_last_pkt_time":290166113,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":747,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":289961626,"flow_src_last_pkt_time":289961626,"flow_dst_last_pkt_time":290166113,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":747,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":289961626,"flow_src_last_pkt_time":289961626,"flow_dst_last_pkt_time":290166113,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":607,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287443704,"flow_src_last_pkt_time":287443704,"flow_dst_last_pkt_time":287443704,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":28681,"dst_port":42288,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":607,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287443704,"flow_src_last_pkt_time":287443704,"flow_dst_last_pkt_time":287443704,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":28681,"dst_port":42288,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":607,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287443704,"flow_src_last_pkt_time":287443704,"flow_dst_last_pkt_time":287443704,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":28681,"dst_port":42288,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":740,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287859998,"flow_src_last_pkt_time":287859998,"flow_dst_last_pkt_time":287859998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":19814,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":740,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287859998,"flow_src_last_pkt_time":287859998,"flow_dst_last_pkt_time":287859998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":19814,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":740,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287859998,"flow_src_last_pkt_time":287859998,"flow_dst_last_pkt_time":287859998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":19814,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":587,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287428877,"flow_src_last_pkt_time":287428877,"flow_dst_last_pkt_time":287428877,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.134.154.158","src_port":28681,"dst_port":54130,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":587,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287428877,"flow_src_last_pkt_time":287428877,"flow_dst_last_pkt_time":287428877,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.134.154.158","src_port":28681,"dst_port":54130,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":587,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287428877,"flow_src_last_pkt_time":287428877,"flow_dst_last_pkt_time":287428877,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.134.154.158","src_port":28681,"dst_port":54130,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00780{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":550,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287342606,"flow_src_last_pkt_time":287680998,"flow_dst_last_pkt_time":288307881,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.238.145.82","src_port":28681,"dst_port":33527,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00823{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":550,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287342606,"flow_src_last_pkt_time":287680998,"flow_dst_last_pkt_time":288307881,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.238.145.82","src_port":28681,"dst_port":33527,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00736{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":550,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287342606,"flow_src_last_pkt_time":287680998,"flow_dst_last_pkt_time":288307881,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.238.145.82","src_port":28681,"dst_port":33527,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":689,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287623429,"flow_src_last_pkt_time":287623429,"flow_dst_last_pkt_time":287623429,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.36.234.196","src_port":28681,"dst_port":11629,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":689,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287623429,"flow_src_last_pkt_time":287623429,"flow_dst_last_pkt_time":287623429,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.36.234.196","src_port":28681,"dst_port":11629,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":689,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287623429,"flow_src_last_pkt_time":287623429,"flow_dst_last_pkt_time":287623429,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.36.234.196","src_port":28681,"dst_port":11629,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90073006,"flow_src_last_pkt_time":287483764,"flow_dst_last_pkt_time":287523854,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3207,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":671,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287599014,"flow_src_last_pkt_time":287599014,"flow_dst_last_pkt_time":287599014,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.236.203.37","src_port":28681,"dst_port":52669,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01059{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90073006,"flow_src_last_pkt_time":287483764,"flow_dst_last_pkt_time":287523854,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3207,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":671,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287599014,"flow_src_last_pkt_time":287599014,"flow_dst_last_pkt_time":287599014,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.236.203.37","src_port":28681,"dst_port":52669,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":671,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287599014,"flow_src_last_pkt_time":287599014,"flow_dst_last_pkt_time":287599014,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.236.203.37","src_port":28681,"dst_port":52669,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":598,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287442031,"flow_src_last_pkt_time":287442031,"flow_dst_last_pkt_time":287442031,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.172.184.48","src_port":28681,"dst_port":1512,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":598,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287442031,"flow_src_last_pkt_time":287442031,"flow_dst_last_pkt_time":287442031,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.172.184.48","src_port":28681,"dst_port":1512,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":598,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287442031,"flow_src_last_pkt_time":287442031,"flow_dst_last_pkt_time":287442031,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.172.184.48","src_port":28681,"dst_port":1512,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":686,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287622365,"flow_src_last_pkt_time":287622365,"flow_dst_last_pkt_time":287622365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.241.31.96","src_port":28681,"dst_port":8349,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":686,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287622365,"flow_src_last_pkt_time":287622365,"flow_dst_last_pkt_time":287622365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.241.31.96","src_port":28681,"dst_port":8349,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":686,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287622365,"flow_src_last_pkt_time":287622365,"flow_dst_last_pkt_time":287622365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.241.31.96","src_port":28681,"dst_port":8349,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":722,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287683595,"flow_src_last_pkt_time":287683595,"flow_dst_last_pkt_time":287869199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.203.72.224","src_port":28681,"dst_port":9897,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":722,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287683595,"flow_src_last_pkt_time":287683595,"flow_dst_last_pkt_time":287869199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.203.72.224","src_port":28681,"dst_port":9897,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":722,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287683595,"flow_src_last_pkt_time":287683595,"flow_dst_last_pkt_time":287869199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.203.72.224","src_port":28681,"dst_port":9897,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01015{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":116628965,"flow_src_last_pkt_time":287381237,"flow_dst_last_pkt_time":287357971,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":592,"flow_dst_tot_l4_payload_len":2531,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":632,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287497017,"flow_src_last_pkt_time":287497017,"flow_dst_last_pkt_time":287497017,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.231.59.187","src_port":28681,"dst_port":62234,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01058{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":116628965,"flow_src_last_pkt_time":287381237,"flow_dst_last_pkt_time":287357971,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":56,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":592,"flow_dst_tot_l4_payload_len":2531,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":632,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287497017,"flow_src_last_pkt_time":287497017,"flow_dst_last_pkt_time":287497017,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.231.59.187","src_port":28681,"dst_port":62234,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":632,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287497017,"flow_src_last_pkt_time":287497017,"flow_dst_last_pkt_time":287497017,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.231.59.187","src_port":28681,"dst_port":62234,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":591,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287429698,"flow_src_last_pkt_time":287429698,"flow_dst_last_pkt_time":287429698,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":28681,"dst_port":53707,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":591,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287429698,"flow_src_last_pkt_time":287429698,"flow_dst_last_pkt_time":287429698,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":28681,"dst_port":53707,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":591,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287429698,"flow_src_last_pkt_time":287429698,"flow_dst_last_pkt_time":287429698,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":28681,"dst_port":53707,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":594,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287441286,"flow_src_last_pkt_time":287441286,"flow_dst_last_pkt_time":287441286,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":28681,"dst_port":7375,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":594,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287441286,"flow_src_last_pkt_time":287441286,"flow_dst_last_pkt_time":287441286,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":28681,"dst_port":7375,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":594,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287441286,"flow_src_last_pkt_time":287441286,"flow_dst_last_pkt_time":287441286,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":28681,"dst_port":7375,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":614,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287467263,"flow_src_last_pkt_time":287467263,"flow_dst_last_pkt_time":287467263,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.247.152.218","src_port":28681,"dst_port":51920,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":614,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287467263,"flow_src_last_pkt_time":287467263,"flow_dst_last_pkt_time":287467263,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.247.152.218","src_port":28681,"dst_port":51920,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":614,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287467263,"flow_src_last_pkt_time":287467263,"flow_dst_last_pkt_time":287467263,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.247.152.218","src_port":28681,"dst_port":51920,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":618,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287484483,"flow_src_last_pkt_time":287484483,"flow_dst_last_pkt_time":287484483,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":28681,"dst_port":7380,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":618,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287484483,"flow_src_last_pkt_time":287484483,"flow_dst_last_pkt_time":287484483,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":28681,"dst_port":7380,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":618,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287484483,"flow_src_last_pkt_time":287484483,"flow_dst_last_pkt_time":287484483,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":28681,"dst_port":7380,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":508,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287312889,"flow_src_last_pkt_time":287312889,"flow_dst_last_pkt_time":287312889,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.144.99.73","src_port":28681,"dst_port":10745,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":508,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287312889,"flow_src_last_pkt_time":287312889,"flow_dst_last_pkt_time":287312889,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.144.99.73","src_port":28681,"dst_port":10745,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":508,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287312889,"flow_src_last_pkt_time":287312889,"flow_dst_last_pkt_time":287312889,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.144.99.73","src_port":28681,"dst_port":10745,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":582,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287427173,"flow_src_last_pkt_time":287427173,"flow_dst_last_pkt_time":287642779,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.83.5","src_port":28681,"dst_port":10624,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":582,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287427173,"flow_src_last_pkt_time":287427173,"flow_dst_last_pkt_time":287642779,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.83.5","src_port":28681,"dst_port":10624,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":582,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287427173,"flow_src_last_pkt_time":287427173,"flow_dst_last_pkt_time":287642779,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.83.5","src_port":28681,"dst_port":10624,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":513,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314783,"flow_src_last_pkt_time":287314783,"flow_dst_last_pkt_time":287314783,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.196.216.12","src_port":28681,"dst_port":58910,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":513,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314783,"flow_src_last_pkt_time":287314783,"flow_dst_last_pkt_time":287314783,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.196.216.12","src_port":28681,"dst_port":58910,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":513,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314783,"flow_src_last_pkt_time":287314783,"flow_dst_last_pkt_time":287314783,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.196.216.12","src_port":28681,"dst_port":58910,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":568,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287385994,"flow_src_last_pkt_time":287385994,"flow_dst_last_pkt_time":287385994,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.118.77","src_port":28681,"dst_port":56562,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":568,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287385994,"flow_src_last_pkt_time":287385994,"flow_dst_last_pkt_time":287385994,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.118.77","src_port":28681,"dst_port":56562,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":568,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287385994,"flow_src_last_pkt_time":287385994,"flow_dst_last_pkt_time":287385994,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.118.77","src_port":28681,"dst_port":56562,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":446,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251764559,"flow_src_last_pkt_time":287316810,"flow_dst_last_pkt_time":251764559,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.70.199.107","src_port":28681,"dst_port":60475,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":446,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251764559,"flow_src_last_pkt_time":287316810,"flow_dst_last_pkt_time":251764559,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.70.199.107","src_port":28681,"dst_port":60475,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":446,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251764559,"flow_src_last_pkt_time":287316810,"flow_dst_last_pkt_time":251764559,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.70.199.107","src_port":28681,"dst_port":60475,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":470,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251799958,"flow_src_last_pkt_time":287319131,"flow_dst_last_pkt_time":251799958,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":28681,"dst_port":46790,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":470,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251799958,"flow_src_last_pkt_time":287319131,"flow_dst_last_pkt_time":251799958,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":28681,"dst_port":46790,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":470,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251799958,"flow_src_last_pkt_time":287319131,"flow_dst_last_pkt_time":251799958,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":28681,"dst_port":46790,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":624,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287486558,"flow_src_last_pkt_time":287486558,"flow_dst_last_pkt_time":287710915,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"210.209.249.84","src_port":28681,"dst_port":24751,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":624,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287486558,"flow_src_last_pkt_time":287486558,"flow_dst_last_pkt_time":287710915,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"210.209.249.84","src_port":28681,"dst_port":24751,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":624,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287486558,"flow_src_last_pkt_time":287486558,"flow_dst_last_pkt_time":287710915,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"210.209.249.84","src_port":28681,"dst_port":24751,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":630,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287496674,"flow_src_last_pkt_time":287496674,"flow_dst_last_pkt_time":287828000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":61,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":61,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":45710,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":630,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287496674,"flow_src_last_pkt_time":287496674,"flow_dst_last_pkt_time":287828000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":61,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":61,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":45710,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":630,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287496674,"flow_src_last_pkt_time":287496674,"flow_dst_last_pkt_time":287828000,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":61,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":61,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":45710,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":693,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287624470,"flow_src_last_pkt_time":287624470,"flow_dst_last_pkt_time":287624470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.110.153.177","src_port":28681,"dst_port":40022,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":693,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287624470,"flow_src_last_pkt_time":287624470,"flow_dst_last_pkt_time":287624470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.110.153.177","src_port":28681,"dst_port":40022,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":693,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287624470,"flow_src_last_pkt_time":287624470,"flow_dst_last_pkt_time":287624470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.110.153.177","src_port":28681,"dst_port":40022,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":604,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287443048,"flow_src_last_pkt_time":287443048,"flow_dst_last_pkt_time":287443048,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.202.31.113","src_port":28681,"dst_port":53291,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":604,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287443048,"flow_src_last_pkt_time":287443048,"flow_dst_last_pkt_time":287443048,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.202.31.113","src_port":28681,"dst_port":53291,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":604,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287443048,"flow_src_last_pkt_time":287443048,"flow_dst_last_pkt_time":287443048,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.202.31.113","src_port":28681,"dst_port":53291,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":719,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287682733,"flow_src_last_pkt_time":287682733,"flow_dst_last_pkt_time":287682733,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.102.208.175","src_port":28681,"dst_port":9167,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":719,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287682733,"flow_src_last_pkt_time":287682733,"flow_dst_last_pkt_time":287682733,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.102.208.175","src_port":28681,"dst_port":9167,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":719,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287682733,"flow_src_last_pkt_time":287682733,"flow_dst_last_pkt_time":287682733,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.102.208.175","src_port":28681,"dst_port":9167,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":447,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251764749,"flow_src_last_pkt_time":287316900,"flow_dst_last_pkt_time":287495652,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.199.10.60","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":447,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251764749,"flow_src_last_pkt_time":287316900,"flow_dst_last_pkt_time":287495652,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.199.10.60","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":447,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251764749,"flow_src_last_pkt_time":287316900,"flow_dst_last_pkt_time":287495652,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.199.10.60","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":451,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251765666,"flow_src_last_pkt_time":287317256,"flow_dst_last_pkt_time":251765666,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.35.66.21","src_port":28681,"dst_port":22234,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":451,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251765666,"flow_src_last_pkt_time":287317256,"flow_dst_last_pkt_time":251765666,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.35.66.21","src_port":28681,"dst_port":22234,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":451,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251765666,"flow_src_last_pkt_time":287317256,"flow_dst_last_pkt_time":251765666,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.35.66.21","src_port":28681,"dst_port":22234,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":600,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287442403,"flow_src_last_pkt_time":287442403,"flow_dst_last_pkt_time":287442403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.64.156.63","src_port":28681,"dst_port":60092,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":600,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287442403,"flow_src_last_pkt_time":287442403,"flow_dst_last_pkt_time":287442403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.64.156.63","src_port":28681,"dst_port":60092,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":600,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287442403,"flow_src_last_pkt_time":287442403,"flow_dst_last_pkt_time":287442403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.64.156.63","src_port":28681,"dst_port":60092,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":89966706,"flow_src_last_pkt_time":287382161,"flow_dst_last_pkt_time":287418265,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":726,"flow_dst_tot_l4_payload_len":4072,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":646,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287511284,"flow_src_last_pkt_time":287511284,"flow_dst_last_pkt_time":287511284,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.104.173.5","src_port":28681,"dst_port":49803,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01059{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"finished","flow_src_packets_processed":8,"flow_dst_packets_processed":8,"flow_first_seen":89966706,"flow_src_last_pkt_time":287382161,"flow_dst_last_pkt_time":287418265,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":726,"flow_dst_tot_l4_payload_len":4072,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":646,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287511284,"flow_src_last_pkt_time":287511284,"flow_dst_last_pkt_time":287511284,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.104.173.5","src_port":28681,"dst_port":49803,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":646,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287511284,"flow_src_last_pkt_time":287511284,"flow_dst_last_pkt_time":287511284,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.104.173.5","src_port":28681,"dst_port":49803,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":662,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287526491,"flow_src_last_pkt_time":287526491,"flow_dst_last_pkt_time":287526491,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.127.1.235","src_port":28681,"dst_port":37814,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":662,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287526491,"flow_src_last_pkt_time":287526491,"flow_dst_last_pkt_time":287526491,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.127.1.235","src_port":28681,"dst_port":37814,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":662,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287526491,"flow_src_last_pkt_time":287526491,"flow_dst_last_pkt_time":287526491,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.127.1.235","src_port":28681,"dst_port":37814,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":499,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287310365,"flow_src_last_pkt_time":287310365,"flow_dst_last_pkt_time":287954302,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":306,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":306,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.161.80.82","src_port":28681,"dst_port":8656,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":499,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287310365,"flow_src_last_pkt_time":287310365,"flow_dst_last_pkt_time":287954302,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":306,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":306,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.161.80.82","src_port":28681,"dst_port":8656,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":499,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287310365,"flow_src_last_pkt_time":287310365,"flow_dst_last_pkt_time":287954302,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":306,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":306,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.161.80.82","src_port":28681,"dst_port":8656,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":627,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287496192,"flow_src_last_pkt_time":287496192,"flow_dst_last_pkt_time":287496192,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.104.173.5","src_port":28681,"dst_port":49815,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":627,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287496192,"flow_src_last_pkt_time":287496192,"flow_dst_last_pkt_time":287496192,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.104.173.5","src_port":28681,"dst_port":49815,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":627,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287496192,"flow_src_last_pkt_time":287496192,"flow_dst_last_pkt_time":287496192,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.104.173.5","src_port":28681,"dst_port":49815,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":384,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243617811,"flow_src_last_pkt_time":287381889,"flow_dst_last_pkt_time":288007245,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.64.6.175","src_port":28681,"dst_port":4743,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":384,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243617811,"flow_src_last_pkt_time":287381889,"flow_dst_last_pkt_time":288007245,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.64.6.175","src_port":28681,"dst_port":4743,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":384,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243617811,"flow_src_last_pkt_time":287381889,"flow_dst_last_pkt_time":288007245,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.64.6.175","src_port":28681,"dst_port":4743,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00780{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":378,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616362,"flow_src_last_pkt_time":287426947,"flow_dst_last_pkt_time":287785960,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":110,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.241.204.61","src_port":28681,"dst_port":43366,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00823{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":378,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616362,"flow_src_last_pkt_time":287426947,"flow_dst_last_pkt_time":287785960,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":110,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.241.204.61","src_port":28681,"dst_port":43366,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00736{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":378,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616362,"flow_src_last_pkt_time":287426947,"flow_dst_last_pkt_time":287785960,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":110,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.241.204.61","src_port":28681,"dst_port":43366,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":704,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287651749,"flow_src_last_pkt_time":287651749,"flow_dst_last_pkt_time":287651749,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.40.67.191","src_port":28681,"dst_port":14971,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":704,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287651749,"flow_src_last_pkt_time":287651749,"flow_dst_last_pkt_time":287651749,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.40.67.191","src_port":28681,"dst_port":14971,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":704,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287651749,"flow_src_last_pkt_time":287651749,"flow_dst_last_pkt_time":287651749,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.40.67.191","src_port":28681,"dst_port":14971,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":657,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287525166,"flow_src_last_pkt_time":287525166,"flow_dst_last_pkt_time":287525166,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":54914,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":657,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287525166,"flow_src_last_pkt_time":287525166,"flow_dst_last_pkt_time":287525166,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":54914,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":657,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287525166,"flow_src_last_pkt_time":287525166,"flow_dst_last_pkt_time":287525166,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":54914,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":728,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287698485,"flow_src_last_pkt_time":287698485,"flow_dst_last_pkt_time":287698485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"101.136.187.253","src_port":28681,"dst_port":10914,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":728,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287698485,"flow_src_last_pkt_time":287698485,"flow_dst_last_pkt_time":287698485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"101.136.187.253","src_port":28681,"dst_port":10914,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":728,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287698485,"flow_src_last_pkt_time":287698485,"flow_dst_last_pkt_time":287698485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"101.136.187.253","src_port":28681,"dst_port":10914,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":456,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251766760,"flow_src_last_pkt_time":287317745,"flow_dst_last_pkt_time":251766760,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.241.112.255","src_port":28681,"dst_port":14766,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":456,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251766760,"flow_src_last_pkt_time":287317745,"flow_dst_last_pkt_time":251766760,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.241.112.255","src_port":28681,"dst_port":14766,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":456,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251766760,"flow_src_last_pkt_time":287317745,"flow_dst_last_pkt_time":251766760,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.241.112.255","src_port":28681,"dst_port":14766,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":521,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287320411,"flow_src_last_pkt_time":287320411,"flow_dst_last_pkt_time":287320411,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.250.32","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":521,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287320411,"flow_src_last_pkt_time":287320411,"flow_dst_last_pkt_time":287320411,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.250.32","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":521,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287320411,"flow_src_last_pkt_time":287320411,"flow_dst_last_pkt_time":287320411,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.250.32","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":505,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287312193,"flow_src_last_pkt_time":287312193,"flow_dst_last_pkt_time":288223001,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":320,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":320,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.2.62.28","src_port":28681,"dst_port":6387,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":505,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287312193,"flow_src_last_pkt_time":287312193,"flow_dst_last_pkt_time":288223001,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":320,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":320,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.2.62.28","src_port":28681,"dst_port":6387,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":505,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287312193,"flow_src_last_pkt_time":287312193,"flow_dst_last_pkt_time":288223001,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":320,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":320,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.2.62.28","src_port":28681,"dst_port":6387,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":494,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287308439,"flow_src_last_pkt_time":287308439,"flow_dst_last_pkt_time":287308439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.210.81.59","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":494,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287308439,"flow_src_last_pkt_time":287308439,"flow_dst_last_pkt_time":287308439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.210.81.59","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":494,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287308439,"flow_src_last_pkt_time":287308439,"flow_dst_last_pkt_time":287308439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.210.81.59","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":375,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243615643,"flow_src_last_pkt_time":287318910,"flow_dst_last_pkt_time":243615643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.182.136.42","src_port":28681,"dst_port":27873,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":375,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243615643,"flow_src_last_pkt_time":287318910,"flow_dst_last_pkt_time":243615643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.182.136.42","src_port":28681,"dst_port":27873,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":375,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243615643,"flow_src_last_pkt_time":287318910,"flow_dst_last_pkt_time":243615643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.182.136.42","src_port":28681,"dst_port":27873,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":455,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251766427,"flow_src_last_pkt_time":287317645,"flow_dst_last_pkt_time":251766427,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.153.206.183","src_port":28681,"dst_port":16919,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":455,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251766427,"flow_src_last_pkt_time":287317645,"flow_dst_last_pkt_time":251766427,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.153.206.183","src_port":28681,"dst_port":16919,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":455,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251766427,"flow_src_last_pkt_time":287317645,"flow_dst_last_pkt_time":251766427,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.153.206.183","src_port":28681,"dst_port":16919,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":453,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251766030,"flow_src_last_pkt_time":287317454,"flow_dst_last_pkt_time":251766030,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.127.26.138","src_port":28681,"dst_port":3083,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":453,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251766030,"flow_src_last_pkt_time":287317454,"flow_dst_last_pkt_time":251766030,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.127.26.138","src_port":28681,"dst_port":3083,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":453,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251766030,"flow_src_last_pkt_time":287317454,"flow_dst_last_pkt_time":251766030,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.127.26.138","src_port":28681,"dst_port":3083,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":498,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287310048,"flow_src_last_pkt_time":287310048,"flow_dst_last_pkt_time":287310048,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"8.44.149.207","src_port":28681,"dst_port":30551,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":498,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287310048,"flow_src_last_pkt_time":287310048,"flow_dst_last_pkt_time":287310048,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"8.44.149.207","src_port":28681,"dst_port":30551,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":498,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287310048,"flow_src_last_pkt_time":287310048,"flow_dst_last_pkt_time":287310048,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"8.44.149.207","src_port":28681,"dst_port":30551,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01010{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":287497328,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":271,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":705,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287652154,"flow_src_last_pkt_time":287652154,"flow_dst_last_pkt_time":287652154,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.192.83.59","src_port":28681,"dst_port":33513,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01053{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":287497328,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":271,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":705,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287652154,"flow_src_last_pkt_time":287652154,"flow_dst_last_pkt_time":287652154,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.192.83.59","src_port":28681,"dst_port":33513,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":705,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287652154,"flow_src_last_pkt_time":287652154,"flow_dst_last_pkt_time":287652154,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.192.83.59","src_port":28681,"dst_port":33513,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":642,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287499197,"flow_src_last_pkt_time":287499197,"flow_dst_last_pkt_time":287499197,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.199.103","src_port":28681,"dst_port":2625,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":642,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287499197,"flow_src_last_pkt_time":287499197,"flow_dst_last_pkt_time":287499197,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.199.103","src_port":28681,"dst_port":2625,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":642,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287499197,"flow_src_last_pkt_time":287499197,"flow_dst_last_pkt_time":287499197,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.199.103","src_port":28681,"dst_port":2625,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":460,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767408,"flow_src_last_pkt_time":287318133,"flow_dst_last_pkt_time":251767408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"210.194.116.78","src_port":28681,"dst_port":8342,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":460,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767408,"flow_src_last_pkt_time":287318133,"flow_dst_last_pkt_time":251767408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"210.194.116.78","src_port":28681,"dst_port":8342,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":460,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767408,"flow_src_last_pkt_time":287318133,"flow_dst_last_pkt_time":251767408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"210.194.116.78","src_port":28681,"dst_port":8342,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":718,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287682493,"flow_src_last_pkt_time":287682493,"flow_dst_last_pkt_time":287682493,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"79.191.58.38","src_port":28681,"dst_port":48157,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":718,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287682493,"flow_src_last_pkt_time":287682493,"flow_dst_last_pkt_time":287682493,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"79.191.58.38","src_port":28681,"dst_port":48157,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":718,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287682493,"flow_src_last_pkt_time":287682493,"flow_dst_last_pkt_time":287682493,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"79.191.58.38","src_port":28681,"dst_port":48157,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":743,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287869766,"flow_src_last_pkt_time":287869766,"flow_dst_last_pkt_time":287869766,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":28681,"dst_port":36780,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":743,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287869766,"flow_src_last_pkt_time":287869766,"flow_dst_last_pkt_time":287869766,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":28681,"dst_port":36780,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":743,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287869766,"flow_src_last_pkt_time":287869766,"flow_dst_last_pkt_time":287869766,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":28681,"dst_port":36780,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":454,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251766203,"flow_src_last_pkt_time":287317526,"flow_dst_last_pkt_time":251766203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.121.156","src_port":28681,"dst_port":23183,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":454,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251766203,"flow_src_last_pkt_time":287317526,"flow_dst_last_pkt_time":251766203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.121.156","src_port":28681,"dst_port":23183,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":454,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251766203,"flow_src_last_pkt_time":287317526,"flow_dst_last_pkt_time":251766203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.121.156","src_port":28681,"dst_port":23183,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":675,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287600098,"flow_src_last_pkt_time":287600098,"flow_dst_last_pkt_time":287600098,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.1.236","src_port":28681,"dst_port":9369,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":675,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287600098,"flow_src_last_pkt_time":287600098,"flow_dst_last_pkt_time":287600098,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.1.236","src_port":28681,"dst_port":9369,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":675,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287600098,"flow_src_last_pkt_time":287600098,"flow_dst_last_pkt_time":287600098,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.1.236","src_port":28681,"dst_port":9369,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":673,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287599556,"flow_src_last_pkt_time":287599556,"flow_dst_last_pkt_time":287599556,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.83.5","src_port":28681,"dst_port":4765,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":673,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287599556,"flow_src_last_pkt_time":287599556,"flow_dst_last_pkt_time":287599556,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.83.5","src_port":28681,"dst_port":4765,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":673,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287599556,"flow_src_last_pkt_time":287599556,"flow_dst_last_pkt_time":287599556,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.83.5","src_port":28681,"dst_port":4765,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":682,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287620952,"flow_src_last_pkt_time":287620952,"flow_dst_last_pkt_time":287620952,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.220.41.241","src_port":28681,"dst_port":53072,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":682,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287620952,"flow_src_last_pkt_time":287620952,"flow_dst_last_pkt_time":287620952,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.220.41.241","src_port":28681,"dst_port":53072,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":682,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287620952,"flow_src_last_pkt_time":287620952,"flow_dst_last_pkt_time":287620952,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.220.41.241","src_port":28681,"dst_port":53072,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":641,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287498962,"flow_src_last_pkt_time":287498962,"flow_dst_last_pkt_time":287498962,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.36.249.91","src_port":28681,"dst_port":65430,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":641,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287498962,"flow_src_last_pkt_time":287498962,"flow_dst_last_pkt_time":287498962,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.36.249.91","src_port":28681,"dst_port":65430,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":641,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287498962,"flow_src_last_pkt_time":287498962,"flow_dst_last_pkt_time":287498962,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.36.249.91","src_port":28681,"dst_port":65430,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":683,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287621344,"flow_src_last_pkt_time":287621344,"flow_dst_last_pkt_time":287621344,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":50896,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":683,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287621344,"flow_src_last_pkt_time":287621344,"flow_dst_last_pkt_time":287621344,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":50896,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":683,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287621344,"flow_src_last_pkt_time":287621344,"flow_dst_last_pkt_time":287621344,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":50896,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":680,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287620320,"flow_src_last_pkt_time":287620320,"flow_dst_last_pkt_time":287620320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.83.132","src_port":28681,"dst_port":57131,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":680,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287620320,"flow_src_last_pkt_time":287620320,"flow_dst_last_pkt_time":287620320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.83.132","src_port":28681,"dst_port":57131,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":680,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287620320,"flow_src_last_pkt_time":287620320,"flow_dst_last_pkt_time":287620320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.83.132","src_port":28681,"dst_port":57131,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":695,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287625274,"flow_src_last_pkt_time":287625274,"flow_dst_last_pkt_time":287625274,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.149","src_port":28681,"dst_port":6514,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":695,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287625274,"flow_src_last_pkt_time":287625274,"flow_dst_last_pkt_time":287625274,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.149","src_port":28681,"dst_port":6514,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":695,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287625274,"flow_src_last_pkt_time":287625274,"flow_dst_last_pkt_time":287625274,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.149","src_port":28681,"dst_port":6514,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":469,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251799823,"flow_src_last_pkt_time":287319016,"flow_dst_last_pkt_time":251799823,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":47184,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":469,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251799823,"flow_src_last_pkt_time":287319016,"flow_dst_last_pkt_time":251799823,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":47184,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":469,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251799823,"flow_src_last_pkt_time":287319016,"flow_dst_last_pkt_time":251799823,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":47184,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95893685,"flow_src_last_pkt_time":287318509,"flow_dst_last_pkt_time":287340787,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1668,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":666,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287588251,"flow_src_last_pkt_time":287588251,"flow_dst_last_pkt_time":287588251,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.36.106.134","src_port":28681,"dst_port":3927,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01060{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95893685,"flow_src_last_pkt_time":287318509,"flow_dst_last_pkt_time":287340787,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1668,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":666,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287588251,"flow_src_last_pkt_time":287588251,"flow_dst_last_pkt_time":287588251,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.36.106.134","src_port":28681,"dst_port":3927,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":666,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287588251,"flow_src_last_pkt_time":287588251,"flow_dst_last_pkt_time":287588251,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.36.106.134","src_port":28681,"dst_port":3927,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":661,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287526268,"flow_src_last_pkt_time":287526268,"flow_dst_last_pkt_time":287526268,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.149","src_port":28681,"dst_port":6527,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":661,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287526268,"flow_src_last_pkt_time":287526268,"flow_dst_last_pkt_time":287526268,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.149","src_port":28681,"dst_port":6527,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":661,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287526268,"flow_src_last_pkt_time":287526268,"flow_dst_last_pkt_time":287526268,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.149","src_port":28681,"dst_port":6527,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":616,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287468747,"flow_src_last_pkt_time":287468747,"flow_dst_last_pkt_time":287468747,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.195.236.249","src_port":28681,"dst_port":18557,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":616,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287468747,"flow_src_last_pkt_time":287468747,"flow_dst_last_pkt_time":287468747,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.195.236.249","src_port":28681,"dst_port":18557,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":616,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287468747,"flow_src_last_pkt_time":287468747,"flow_dst_last_pkt_time":287468747,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.195.236.249","src_port":28681,"dst_port":18557,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":717,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287682208,"flow_src_last_pkt_time":287682208,"flow_dst_last_pkt_time":287682208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.249.190.8","src_port":28681,"dst_port":25198,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":717,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287682208,"flow_src_last_pkt_time":287682208,"flow_dst_last_pkt_time":287682208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.249.190.8","src_port":28681,"dst_port":25198,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":717,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287682208,"flow_src_last_pkt_time":287682208,"flow_dst_last_pkt_time":287682208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.249.190.8","src_port":28681,"dst_port":25198,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":732,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287699174,"flow_src_last_pkt_time":287699174,"flow_dst_last_pkt_time":287699174,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.163","src_port":28681,"dst_port":6564,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":732,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287699174,"flow_src_last_pkt_time":287699174,"flow_dst_last_pkt_time":287699174,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.163","src_port":28681,"dst_port":6564,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":732,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287699174,"flow_src_last_pkt_time":287699174,"flow_dst_last_pkt_time":287699174,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.163","src_port":28681,"dst_port":6564,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01013{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":124090360,"flow_src_last_pkt_time":287697560,"flow_dst_last_pkt_time":287890845,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.208.26.154","src_port":28681,"dst_port":4994,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":388,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243618881,"flow_src_last_pkt_time":287524310,"flow_dst_last_pkt_time":243618881,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"121.7.145.36","src_port":28681,"dst_port":33905,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01056{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":124090360,"flow_src_last_pkt_time":287697560,"flow_dst_last_pkt_time":287890845,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.208.26.154","src_port":28681,"dst_port":4994,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":388,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243618881,"flow_src_last_pkt_time":287524310,"flow_dst_last_pkt_time":243618881,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"121.7.145.36","src_port":28681,"dst_port":33905,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":388,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243618881,"flow_src_last_pkt_time":287524310,"flow_dst_last_pkt_time":243618881,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"121.7.145.36","src_port":28681,"dst_port":33905,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":736,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287859330,"flow_src_last_pkt_time":287859330,"flow_dst_last_pkt_time":287859330,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":52420,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":736,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287859330,"flow_src_last_pkt_time":287859330,"flow_dst_last_pkt_time":287859330,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":52420,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":736,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287859330,"flow_src_last_pkt_time":287859330,"flow_dst_last_pkt_time":287859330,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":52420,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":748,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":289962007,"flow_src_last_pkt_time":289962007,"flow_dst_last_pkt_time":289962007,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.163","src_port":28681,"dst_port":6599,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":748,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":289962007,"flow_src_last_pkt_time":289962007,"flow_dst_last_pkt_time":289962007,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.163","src_port":28681,"dst_port":6599,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":748,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":289962007,"flow_src_last_pkt_time":289962007,"flow_dst_last_pkt_time":289962007,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.163","src_port":28681,"dst_port":6599,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":635,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287497829,"flow_src_last_pkt_time":287497829,"flow_dst_last_pkt_time":287497829,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.179.18.242","src_port":28681,"dst_port":47329,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":635,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287497829,"flow_src_last_pkt_time":287497829,"flow_dst_last_pkt_time":287497829,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.179.18.242","src_port":28681,"dst_port":47329,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":635,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287497829,"flow_src_last_pkt_time":287497829,"flow_dst_last_pkt_time":287497829,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.179.18.242","src_port":28681,"dst_port":47329,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01015{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":89829104,"flow_src_last_pkt_time":287443257,"flow_dst_last_pkt_time":174144907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":584,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":527,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287321152,"flow_src_last_pkt_time":287321152,"flow_dst_last_pkt_time":287321152,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.72.149.140","src_port":28681,"dst_port":37848,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01058{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":5,"flow_first_seen":89829104,"flow_src_last_pkt_time":287443257,"flow_dst_last_pkt_time":174144907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":584,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":527,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287321152,"flow_src_last_pkt_time":287321152,"flow_dst_last_pkt_time":287321152,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.72.149.140","src_port":28681,"dst_port":37848,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":527,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287321152,"flow_src_last_pkt_time":287321152,"flow_dst_last_pkt_time":287321152,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.72.149.140","src_port":28681,"dst_port":37848,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":644,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287510194,"flow_src_last_pkt_time":287547151,"flow_dst_last_pkt_time":287583222,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":110,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"31.20.248.147","src_port":28681,"dst_port":30706,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":644,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287510194,"flow_src_last_pkt_time":287547151,"flow_dst_last_pkt_time":287583222,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":110,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"31.20.248.147","src_port":28681,"dst_port":30706,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":644,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287510194,"flow_src_last_pkt_time":287547151,"flow_dst_last_pkt_time":287583222,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":110,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"31.20.248.147","src_port":28681,"dst_port":30706,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":712,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287654311,"flow_src_last_pkt_time":287654311,"flow_dst_last_pkt_time":287654311,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.129.86.65","src_port":28681,"dst_port":49723,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":712,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287654311,"flow_src_last_pkt_time":287654311,"flow_dst_last_pkt_time":287654311,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.129.86.65","src_port":28681,"dst_port":49723,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":712,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287654311,"flow_src_last_pkt_time":287654311,"flow_dst_last_pkt_time":287654311,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.129.86.65","src_port":28681,"dst_port":49723,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":563,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287383122,"flow_src_last_pkt_time":287383122,"flow_dst_last_pkt_time":287383122,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.105.52.2","src_port":28681,"dst_port":6831,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":563,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287383122,"flow_src_last_pkt_time":287383122,"flow_dst_last_pkt_time":287383122,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.105.52.2","src_port":28681,"dst_port":6831,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":563,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287383122,"flow_src_last_pkt_time":287383122,"flow_dst_last_pkt_time":287383122,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.105.52.2","src_port":28681,"dst_port":6831,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":504,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287311908,"flow_src_last_pkt_time":287311908,"flow_dst_last_pkt_time":287311908,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.203.45.107","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":504,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287311908,"flow_src_last_pkt_time":287311908,"flow_dst_last_pkt_time":287311908,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.203.45.107","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":504,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287311908,"flow_src_last_pkt_time":287311908,"flow_dst_last_pkt_time":287311908,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.203.45.107","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":640,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287498759,"flow_src_last_pkt_time":287498759,"flow_dst_last_pkt_time":287498759,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":28681,"dst_port":7849,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":640,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287498759,"flow_src_last_pkt_time":287498759,"flow_dst_last_pkt_time":287498759,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":28681,"dst_port":7849,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":640,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287498759,"flow_src_last_pkt_time":287498759,"flow_dst_last_pkt_time":287498759,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":28681,"dst_port":7849,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":730,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287698888,"flow_src_last_pkt_time":287698888,"flow_dst_last_pkt_time":287698888,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.47.227.91","src_port":28681,"dst_port":54463,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":730,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287698888,"flow_src_last_pkt_time":287698888,"flow_dst_last_pkt_time":287698888,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.47.227.91","src_port":28681,"dst_port":54463,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":730,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287698888,"flow_src_last_pkt_time":287698888,"flow_dst_last_pkt_time":287698888,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.47.227.91","src_port":28681,"dst_port":54463,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":733,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287699351,"flow_src_last_pkt_time":287743590,"flow_dst_last_pkt_time":287783603,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.168.34.105","src_port":28681,"dst_port":39908,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":733,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287699351,"flow_src_last_pkt_time":287743590,"flow_dst_last_pkt_time":287783603,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.168.34.105","src_port":28681,"dst_port":39908,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":733,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287699351,"flow_src_last_pkt_time":287743590,"flow_dst_last_pkt_time":287783603,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.168.34.105","src_port":28681,"dst_port":39908,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":634,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287497569,"flow_src_last_pkt_time":287497569,"flow_dst_last_pkt_time":287497569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.174.18.115","src_port":28681,"dst_port":50679,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":634,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287497569,"flow_src_last_pkt_time":287497569,"flow_dst_last_pkt_time":287497569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.174.18.115","src_port":28681,"dst_port":50679,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":634,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287497569,"flow_src_last_pkt_time":287497569,"flow_dst_last_pkt_time":287497569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.174.18.115","src_port":28681,"dst_port":50679,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":608,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287444124,"flow_src_last_pkt_time":287444124,"flow_dst_last_pkt_time":287781272,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.241.31.96","src_port":28681,"dst_port":4814,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":608,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287444124,"flow_src_last_pkt_time":287444124,"flow_dst_last_pkt_time":287781272,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.241.31.96","src_port":28681,"dst_port":4814,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":608,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287444124,"flow_src_last_pkt_time":287444124,"flow_dst_last_pkt_time":287781272,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.241.31.96","src_port":28681,"dst_port":4814,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01014{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":95784399,"flow_src_last_pkt_time":287465597,"flow_dst_last_pkt_time":287572441,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":2511,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":706,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287652670,"flow_src_last_pkt_time":287652670,"flow_dst_last_pkt_time":287652670,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.26.16","src_port":28681,"dst_port":8658,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01057{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":95784399,"flow_src_last_pkt_time":287465597,"flow_dst_last_pkt_time":287572441,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":2511,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":706,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287652670,"flow_src_last_pkt_time":287652670,"flow_dst_last_pkt_time":287652670,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.26.16","src_port":28681,"dst_port":8658,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":706,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287652670,"flow_src_last_pkt_time":287652670,"flow_dst_last_pkt_time":287652670,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.26.16","src_port":28681,"dst_port":8658,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":699,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287649722,"flow_src_last_pkt_time":287837054,"flow_dst_last_pkt_time":287958907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"70.81.219.111","src_port":28681,"dst_port":19210,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":699,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287649722,"flow_src_last_pkt_time":287837054,"flow_dst_last_pkt_time":287958907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"70.81.219.111","src_port":28681,"dst_port":19210,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":699,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287649722,"flow_src_last_pkt_time":287837054,"flow_dst_last_pkt_time":287958907,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"70.81.219.111","src_port":28681,"dst_port":19210,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":595,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287441473,"flow_src_last_pkt_time":287441473,"flow_dst_last_pkt_time":287441473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.182.21.156","src_port":28681,"dst_port":13732,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":595,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287441473,"flow_src_last_pkt_time":287441473,"flow_dst_last_pkt_time":287441473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.182.21.156","src_port":28681,"dst_port":13732,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":595,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287441473,"flow_src_last_pkt_time":287441473,"flow_dst_last_pkt_time":287441473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.182.21.156","src_port":28681,"dst_port":13732,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":724,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287697736,"flow_src_last_pkt_time":287697736,"flow_dst_last_pkt_time":287697736,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.39.219.223","src_port":28681,"dst_port":13482,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":724,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287697736,"flow_src_last_pkt_time":287697736,"flow_dst_last_pkt_time":287697736,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.39.219.223","src_port":28681,"dst_port":13482,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":724,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287697736,"flow_src_last_pkt_time":287697736,"flow_dst_last_pkt_time":287697736,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.39.219.223","src_port":28681,"dst_port":13482,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":376,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243615848,"flow_src_last_pkt_time":287381383,"flow_dst_last_pkt_time":287944648,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":73,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":119,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"156.57.42.2","src_port":28681,"dst_port":33476,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":376,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243615848,"flow_src_last_pkt_time":287381383,"flow_dst_last_pkt_time":287944648,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":73,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":119,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"156.57.42.2","src_port":28681,"dst_port":33476,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":376,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243615848,"flow_src_last_pkt_time":287381383,"flow_dst_last_pkt_time":287944648,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":73,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":119,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"156.57.42.2","src_port":28681,"dst_port":33476,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":674,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287599808,"flow_src_last_pkt_time":287599808,"flow_dst_last_pkt_time":287599808,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"125.59.215.249","src_port":28681,"dst_port":14571,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":674,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287599808,"flow_src_last_pkt_time":287599808,"flow_dst_last_pkt_time":287599808,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"125.59.215.249","src_port":28681,"dst_port":14571,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":674,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287599808,"flow_src_last_pkt_time":287599808,"flow_dst_last_pkt_time":287599808,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"125.59.215.249","src_port":28681,"dst_port":14571,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":612,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287466439,"flow_src_last_pkt_time":287466439,"flow_dst_last_pkt_time":287466439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":59384,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":612,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287466439,"flow_src_last_pkt_time":287466439,"flow_dst_last_pkt_time":287466439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":59384,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":612,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287466439,"flow_src_last_pkt_time":287466439,"flow_dst_last_pkt_time":287466439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":59384,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":725,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287697937,"flow_src_last_pkt_time":287697937,"flow_dst_last_pkt_time":287697937,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.65.217.224","src_port":28681,"dst_port":9070,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":725,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287697937,"flow_src_last_pkt_time":287697937,"flow_dst_last_pkt_time":287697937,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.65.217.224","src_port":28681,"dst_port":9070,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":725,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287697937,"flow_src_last_pkt_time":287697937,"flow_dst_last_pkt_time":287697937,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.65.217.224","src_port":28681,"dst_port":9070,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90138188,"flow_src_last_pkt_time":287318627,"flow_dst_last_pkt_time":287634909,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3364,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":667,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287588556,"flow_src_last_pkt_time":287588556,"flow_dst_last_pkt_time":287588556,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"159.196.95.223","src_port":28681,"dst_port":2003,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01059{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90138188,"flow_src_last_pkt_time":287318627,"flow_dst_last_pkt_time":287634909,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3364,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":667,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287588556,"flow_src_last_pkt_time":287588556,"flow_dst_last_pkt_time":287588556,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"159.196.95.223","src_port":28681,"dst_port":2003,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":667,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287588556,"flow_src_last_pkt_time":287588556,"flow_dst_last_pkt_time":287588556,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"159.196.95.223","src_port":28681,"dst_port":2003,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":645,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287510972,"flow_src_last_pkt_time":287510972,"flow_dst_last_pkt_time":287510972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.22.22.94","src_port":28681,"dst_port":34245,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":645,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287510972,"flow_src_last_pkt_time":287510972,"flow_dst_last_pkt_time":287510972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.22.22.94","src_port":28681,"dst_port":34245,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":645,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287510972,"flow_src_last_pkt_time":287510972,"flow_dst_last_pkt_time":287510972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.22.22.94","src_port":28681,"dst_port":34245,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":649,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287511819,"flow_src_last_pkt_time":287511819,"flow_dst_last_pkt_time":287824341,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"180.218.135.222","src_port":28681,"dst_port":4548,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":649,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287511819,"flow_src_last_pkt_time":287511819,"flow_dst_last_pkt_time":287824341,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"180.218.135.222","src_port":28681,"dst_port":4548,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":649,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287511819,"flow_src_last_pkt_time":287511819,"flow_dst_last_pkt_time":287824341,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"180.218.135.222","src_port":28681,"dst_port":4548,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01014{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95716693,"flow_src_last_pkt_time":287380885,"flow_dst_last_pkt_time":287440521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1755,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":579,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287426310,"flow_src_last_pkt_time":287426310,"flow_dst_last_pkt_time":287647245,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.170.108","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01057{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95716693,"flow_src_last_pkt_time":287380885,"flow_dst_last_pkt_time":287440521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1755,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":579,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287426310,"flow_src_last_pkt_time":287426310,"flow_dst_last_pkt_time":287647245,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.170.108","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":579,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287426310,"flow_src_last_pkt_time":287426310,"flow_dst_last_pkt_time":287647245,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.170.108","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":678,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287619126,"flow_src_last_pkt_time":287619126,"flow_dst_last_pkt_time":287619126,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.83.5","src_port":28681,"dst_port":9128,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":678,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287619126,"flow_src_last_pkt_time":287619126,"flow_dst_last_pkt_time":287619126,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.83.5","src_port":28681,"dst_port":9128,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":678,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287619126,"flow_src_last_pkt_time":287619126,"flow_dst_last_pkt_time":287619126,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.83.5","src_port":28681,"dst_port":9128,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":707,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287652991,"flow_src_last_pkt_time":287652991,"flow_dst_last_pkt_time":287652991,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.200.235","src_port":28681,"dst_port":1968,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":707,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287652991,"flow_src_last_pkt_time":287652991,"flow_dst_last_pkt_time":287652991,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.200.235","src_port":28681,"dst_port":1968,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":707,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287652991,"flow_src_last_pkt_time":287652991,"flow_dst_last_pkt_time":287652991,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.200.235","src_port":28681,"dst_port":1968,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":655,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287524531,"flow_src_last_pkt_time":287524531,"flow_dst_last_pkt_time":287524531,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.118.116.198","src_port":28681,"dst_port":44616,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":655,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287524531,"flow_src_last_pkt_time":287524531,"flow_dst_last_pkt_time":287524531,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.118.116.198","src_port":28681,"dst_port":44616,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":655,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287524531,"flow_src_last_pkt_time":287524531,"flow_dst_last_pkt_time":287524531,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.118.116.198","src_port":28681,"dst_port":44616,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":726,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287698136,"flow_src_last_pkt_time":287698136,"flow_dst_last_pkt_time":287698136,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.91.30.216","src_port":28681,"dst_port":61635,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":726,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287698136,"flow_src_last_pkt_time":287698136,"flow_dst_last_pkt_time":287698136,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.91.30.216","src_port":28681,"dst_port":61635,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":726,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287698136,"flow_src_last_pkt_time":287698136,"flow_dst_last_pkt_time":287698136,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.91.30.216","src_port":28681,"dst_port":61635,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01015{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95893239,"flow_src_last_pkt_time":287522940,"flow_dst_last_pkt_time":287579763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1785,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00782{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":302,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90864578,"flow_src_last_pkt_time":287313728,"flow_dst_last_pkt_time":287337870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":1077,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":28681,"dst_port":53489,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01058{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":95893239,"flow_src_last_pkt_time":287522940,"flow_dst_last_pkt_time":287579763,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":246,"flow_dst_tot_l4_payload_len":1785,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00825{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":302,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90864578,"flow_src_last_pkt_time":287313728,"flow_dst_last_pkt_time":287337870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":1077,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":28681,"dst_port":53489,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00738{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":302,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":90864578,"flow_src_last_pkt_time":287313728,"flow_dst_last_pkt_time":287337870,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":1077,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":28681,"dst_port":53489,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":669,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287589149,"flow_src_last_pkt_time":287589149,"flow_dst_last_pkt_time":287589149,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":28681,"dst_port":64731,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":669,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287589149,"flow_src_last_pkt_time":287589149,"flow_dst_last_pkt_time":287589149,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":28681,"dst_port":64731,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":669,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287589149,"flow_src_last_pkt_time":287589149,"flow_dst_last_pkt_time":287589149,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":28681,"dst_port":64731,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90039406,"flow_src_last_pkt_time":287381612,"flow_dst_last_pkt_time":287415538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":807,"flow_dst_tot_l4_payload_len":4817,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":742,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287859998,"flow_src_last_pkt_time":287859998,"flow_dst_last_pkt_time":287859998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":28681,"dst_port":4364,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01059{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90039406,"flow_src_last_pkt_time":287381612,"flow_dst_last_pkt_time":287415538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":807,"flow_dst_tot_l4_payload_len":4817,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":742,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287859998,"flow_src_last_pkt_time":287859998,"flow_dst_last_pkt_time":287859998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":28681,"dst_port":4364,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":742,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287859998,"flow_src_last_pkt_time":287859998,"flow_dst_last_pkt_time":287859998,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":28681,"dst_port":4364,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":697,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287648701,"flow_src_last_pkt_time":287648701,"flow_dst_last_pkt_time":287648701,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":55050,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":697,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287648701,"flow_src_last_pkt_time":287648701,"flow_dst_last_pkt_time":287648701,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":55050,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":697,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287648701,"flow_src_last_pkt_time":287648701,"flow_dst_last_pkt_time":287648701,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":55050,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":585,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287428427,"flow_src_last_pkt_time":287428427,"flow_dst_last_pkt_time":287428427,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":35004,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":585,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287428427,"flow_src_last_pkt_time":287428427,"flow_dst_last_pkt_time":287428427,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":35004,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":585,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287428427,"flow_src_last_pkt_time":287428427,"flow_dst_last_pkt_time":287428427,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":35004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":502,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287311299,"flow_src_last_pkt_time":287311299,"flow_dst_last_pkt_time":287311299,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.156.58.211","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":502,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287311299,"flow_src_last_pkt_time":287311299,"flow_dst_last_pkt_time":287311299,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.156.58.211","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":502,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287311299,"flow_src_last_pkt_time":287311299,"flow_dst_last_pkt_time":287311299,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.156.58.211","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":507,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287312665,"flow_src_last_pkt_time":287312665,"flow_dst_last_pkt_time":287312665,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.4.204.220","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":507,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287312665,"flow_src_last_pkt_time":287312665,"flow_dst_last_pkt_time":287312665,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.4.204.220","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":507,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287312665,"flow_src_last_pkt_time":287312665,"flow_dst_last_pkt_time":287312665,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.4.204.220","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":687,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287622813,"flow_src_last_pkt_time":287622813,"flow_dst_last_pkt_time":287622813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.14.143.237","src_port":28681,"dst_port":13965,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":687,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287622813,"flow_src_last_pkt_time":287622813,"flow_dst_last_pkt_time":287622813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.14.143.237","src_port":28681,"dst_port":13965,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":687,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287622813,"flow_src_last_pkt_time":287622813,"flow_dst_last_pkt_time":287622813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.14.143.237","src_port":28681,"dst_port":13965,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":663,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287532984,"flow_src_last_pkt_time":287836880,"flow_dst_last_pkt_time":288223086,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.59.117.166","src_port":28681,"dst_port":33192,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":663,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287532984,"flow_src_last_pkt_time":287836880,"flow_dst_last_pkt_time":288223086,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.59.117.166","src_port":28681,"dst_port":33192,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":663,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287532984,"flow_src_last_pkt_time":287836880,"flow_dst_last_pkt_time":288223086,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.59.117.166","src_port":28681,"dst_port":33192,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":602,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287442727,"flow_src_last_pkt_time":287442727,"flow_dst_last_pkt_time":287442727,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.203.72.224","src_port":28681,"dst_port":53658,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":602,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287442727,"flow_src_last_pkt_time":287442727,"flow_dst_last_pkt_time":287442727,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.203.72.224","src_port":28681,"dst_port":53658,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":602,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287442727,"flow_src_last_pkt_time":287442727,"flow_dst_last_pkt_time":287442727,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.203.72.224","src_port":28681,"dst_port":53658,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":589,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287429288,"flow_src_last_pkt_time":287429288,"flow_dst_last_pkt_time":287429288,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.250.32","src_port":28681,"dst_port":52647,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":589,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287429288,"flow_src_last_pkt_time":287429288,"flow_dst_last_pkt_time":287429288,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.250.32","src_port":28681,"dst_port":52647,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":589,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287429288,"flow_src_last_pkt_time":287429288,"flow_dst_last_pkt_time":287429288,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.250.32","src_port":28681,"dst_port":52647,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":654,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287524138,"flow_src_last_pkt_time":287524138,"flow_dst_last_pkt_time":287524138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.12.1.136","src_port":28681,"dst_port":6348,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":654,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287524138,"flow_src_last_pkt_time":287524138,"flow_dst_last_pkt_time":287524138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.12.1.136","src_port":28681,"dst_port":6348,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":654,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287524138,"flow_src_last_pkt_time":287524138,"flow_dst_last_pkt_time":287524138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.12.1.136","src_port":28681,"dst_port":6348,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":458,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767115,"flow_src_last_pkt_time":287317920,"flow_dst_last_pkt_time":251767115,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.165.228.167","src_port":28681,"dst_port":12201,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":458,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767115,"flow_src_last_pkt_time":287317920,"flow_dst_last_pkt_time":251767115,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.165.228.167","src_port":28681,"dst_port":12201,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":458,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767115,"flow_src_last_pkt_time":287317920,"flow_dst_last_pkt_time":251767115,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.165.228.167","src_port":28681,"dst_port":12201,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":525,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287320881,"flow_src_last_pkt_time":287320881,"flow_dst_last_pkt_time":287320881,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.250.32","src_port":28681,"dst_port":52660,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":525,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287320881,"flow_src_last_pkt_time":287320881,"flow_dst_last_pkt_time":287320881,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.250.32","src_port":28681,"dst_port":52660,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":525,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287320881,"flow_src_last_pkt_time":287320881,"flow_dst_last_pkt_time":287320881,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.250.32","src_port":28681,"dst_port":52660,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":611,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287466034,"flow_src_last_pkt_time":287466034,"flow_dst_last_pkt_time":287466034,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.10.174.159","src_port":28681,"dst_port":4841,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":611,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287466034,"flow_src_last_pkt_time":287466034,"flow_dst_last_pkt_time":287466034,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.10.174.159","src_port":28681,"dst_port":4841,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":611,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287466034,"flow_src_last_pkt_time":287466034,"flow_dst_last_pkt_time":287466034,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.10.174.159","src_port":28681,"dst_port":4841,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01009{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":287526703,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":271,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":512,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314573,"flow_src_last_pkt_time":287314573,"flow_dst_last_pkt_time":287314573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"209.204.207.5","src_port":28681,"dst_port":49256,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01052{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":287526703,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":271,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":512,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314573,"flow_src_last_pkt_time":287314573,"flow_dst_last_pkt_time":287314573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"209.204.207.5","src_port":28681,"dst_port":49256,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":512,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314573,"flow_src_last_pkt_time":287314573,"flow_dst_last_pkt_time":287314573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"209.204.207.5","src_port":28681,"dst_port":49256,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":735,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287858940,"flow_src_last_pkt_time":287858940,"flow_dst_last_pkt_time":287858940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.91.201","src_port":28681,"dst_port":4297,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":735,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287858940,"flow_src_last_pkt_time":287858940,"flow_dst_last_pkt_time":287858940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.91.201","src_port":28681,"dst_port":4297,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":735,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287858940,"flow_src_last_pkt_time":287858940,"flow_dst_last_pkt_time":287858940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.91.201","src_port":28681,"dst_port":4297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":628,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287496358,"flow_src_last_pkt_time":287714018,"flow_dst_last_pkt_time":288483516,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.62.225.181","src_port":28681,"dst_port":46843,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":628,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287496358,"flow_src_last_pkt_time":287714018,"flow_dst_last_pkt_time":288483516,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.62.225.181","src_port":28681,"dst_port":46843,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":628,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287496358,"flow_src_last_pkt_time":287714018,"flow_dst_last_pkt_time":288483516,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.62.225.181","src_port":28681,"dst_port":46843,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":380,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616746,"flow_src_last_pkt_time":287422960,"flow_dst_last_pkt_time":287697244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.86.49.195","src_port":28681,"dst_port":12019,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":380,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616746,"flow_src_last_pkt_time":287422960,"flow_dst_last_pkt_time":287697244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.86.49.195","src_port":28681,"dst_port":12019,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":380,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616746,"flow_src_last_pkt_time":287422960,"flow_dst_last_pkt_time":287697244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.86.49.195","src_port":28681,"dst_port":12019,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":703,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287651373,"flow_src_last_pkt_time":287651373,"flow_dst_last_pkt_time":287651373,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":28681,"dst_port":10728,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":703,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287651373,"flow_src_last_pkt_time":287651373,"flow_dst_last_pkt_time":287651373,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":28681,"dst_port":10728,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":703,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287651373,"flow_src_last_pkt_time":287651373,"flow_dst_last_pkt_time":287651373,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":28681,"dst_port":10728,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":651,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287523242,"flow_src_last_pkt_time":287523242,"flow_dst_last_pkt_time":287523242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.47.227.91","src_port":28681,"dst_port":58856,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":651,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287523242,"flow_src_last_pkt_time":287523242,"flow_dst_last_pkt_time":287523242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.47.227.91","src_port":28681,"dst_port":58856,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":651,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287523242,"flow_src_last_pkt_time":287523242,"flow_dst_last_pkt_time":287523242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.47.227.91","src_port":28681,"dst_port":58856,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":581,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287426741,"flow_src_last_pkt_time":287426741,"flow_dst_last_pkt_time":287426741,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.115.108.10","src_port":28681,"dst_port":4641,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":581,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287426741,"flow_src_last_pkt_time":287426741,"flow_dst_last_pkt_time":287426741,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.115.108.10","src_port":28681,"dst_port":4641,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":581,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287426741,"flow_src_last_pkt_time":287426741,"flow_dst_last_pkt_time":287426741,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.115.108.10","src_port":28681,"dst_port":4641,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":613,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287466863,"flow_src_last_pkt_time":287466863,"flow_dst_last_pkt_time":287466863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"106.104.88.139","src_port":28681,"dst_port":7423,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":613,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287466863,"flow_src_last_pkt_time":287466863,"flow_dst_last_pkt_time":287466863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"106.104.88.139","src_port":28681,"dst_port":7423,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":613,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287466863,"flow_src_last_pkt_time":287466863,"flow_dst_last_pkt_time":287466863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"106.104.88.139","src_port":28681,"dst_port":7423,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":583,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287427413,"flow_src_last_pkt_time":287427413,"flow_dst_last_pkt_time":287427413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.75.180.80","src_port":28681,"dst_port":35361,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":583,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287427413,"flow_src_last_pkt_time":287427413,"flow_dst_last_pkt_time":287427413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.75.180.80","src_port":28681,"dst_port":35361,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":583,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287427413,"flow_src_last_pkt_time":287427413,"flow_dst_last_pkt_time":287427413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.75.180.80","src_port":28681,"dst_port":35361,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":672,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287599291,"flow_src_last_pkt_time":287599291,"flow_dst_last_pkt_time":287599291,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"180.218.135.222","src_port":28681,"dst_port":49867,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":672,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287599291,"flow_src_last_pkt_time":287599291,"flow_dst_last_pkt_time":287599291,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"180.218.135.222","src_port":28681,"dst_port":49867,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":672,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287599291,"flow_src_last_pkt_time":287599291,"flow_dst_last_pkt_time":287599291,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"180.218.135.222","src_port":28681,"dst_port":49867,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":574,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287424448,"flow_src_last_pkt_time":287424448,"flow_dst_last_pkt_time":287697275,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.17.132.18","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":574,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287424448,"flow_src_last_pkt_time":287424448,"flow_dst_last_pkt_time":287697275,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.17.132.18","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":574,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287424448,"flow_src_last_pkt_time":287424448,"flow_dst_last_pkt_time":287697275,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.17.132.18","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":679,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287619767,"flow_src_last_pkt_time":287619767,"flow_dst_last_pkt_time":287619767,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"150.116.225.105","src_port":28681,"dst_port":51438,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":679,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287619767,"flow_src_last_pkt_time":287619767,"flow_dst_last_pkt_time":287619767,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"150.116.225.105","src_port":28681,"dst_port":51438,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":679,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287619767,"flow_src_last_pkt_time":287619767,"flow_dst_last_pkt_time":287619767,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"150.116.225.105","src_port":28681,"dst_port":51438,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":518,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287316018,"flow_src_last_pkt_time":287316018,"flow_dst_last_pkt_time":287316018,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"202.151.63.59","src_port":28681,"dst_port":7624,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":518,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287316018,"flow_src_last_pkt_time":287316018,"flow_dst_last_pkt_time":287316018,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"202.151.63.59","src_port":28681,"dst_port":7624,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":518,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287316018,"flow_src_last_pkt_time":287316018,"flow_dst_last_pkt_time":287316018,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"202.151.63.59","src_port":28681,"dst_port":7624,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":716,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287681933,"flow_src_last_pkt_time":287681933,"flow_dst_last_pkt_time":287681933,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.71.72.88","src_port":28681,"dst_port":58808,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":716,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287681933,"flow_src_last_pkt_time":287681933,"flow_dst_last_pkt_time":287681933,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.71.72.88","src_port":28681,"dst_port":58808,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":716,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287681933,"flow_src_last_pkt_time":287681933,"flow_dst_last_pkt_time":287681933,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.71.72.88","src_port":28681,"dst_port":58808,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":660,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287525885,"flow_src_last_pkt_time":287525885,"flow_dst_last_pkt_time":287525885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":28681,"dst_port":10791,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":660,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287525885,"flow_src_last_pkt_time":287525885,"flow_dst_last_pkt_time":287525885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":28681,"dst_port":10791,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":660,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287525885,"flow_src_last_pkt_time":287525885,"flow_dst_last_pkt_time":287525885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":28681,"dst_port":10791,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":457,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251766954,"flow_src_last_pkt_time":287317823,"flow_dst_last_pkt_time":251766954,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.247.240.113","src_port":28681,"dst_port":13867,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":457,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251766954,"flow_src_last_pkt_time":287317823,"flow_dst_last_pkt_time":251766954,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.247.240.113","src_port":28681,"dst_port":13867,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":457,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251766954,"flow_src_last_pkt_time":287317823,"flow_dst_last_pkt_time":251766954,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.247.240.113","src_port":28681,"dst_port":13867,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":564,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287384891,"flow_src_last_pkt_time":287384891,"flow_dst_last_pkt_time":287384891,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.222.160.99","src_port":28681,"dst_port":53144,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":564,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287384891,"flow_src_last_pkt_time":287384891,"flow_dst_last_pkt_time":287384891,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.222.160.99","src_port":28681,"dst_port":53144,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":564,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287384891,"flow_src_last_pkt_time":287384891,"flow_dst_last_pkt_time":287384891,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.222.160.99","src_port":28681,"dst_port":53144,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":648,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287511632,"flow_src_last_pkt_time":287511632,"flow_dst_last_pkt_time":287511632,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.18.212.223","src_port":28681,"dst_port":58290,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":648,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287511632,"flow_src_last_pkt_time":287511632,"flow_dst_last_pkt_time":287511632,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.18.212.223","src_port":28681,"dst_port":58290,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":648,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287511632,"flow_src_last_pkt_time":287511632,"flow_dst_last_pkt_time":287511632,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.18.212.223","src_port":28681,"dst_port":58290,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":700,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287650240,"flow_src_last_pkt_time":287650240,"flow_dst_last_pkt_time":287650240,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.222.213.44","src_port":28681,"dst_port":26536,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":700,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287650240,"flow_src_last_pkt_time":287650240,"flow_dst_last_pkt_time":287650240,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.222.213.44","src_port":28681,"dst_port":26536,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":700,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287650240,"flow_src_last_pkt_time":287650240,"flow_dst_last_pkt_time":287650240,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.222.213.44","src_port":28681,"dst_port":26536,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":652,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287523472,"flow_src_last_pkt_time":287523472,"flow_dst_last_pkt_time":287523472,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.64.156.63","src_port":28681,"dst_port":65023,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":652,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287523472,"flow_src_last_pkt_time":287523472,"flow_dst_last_pkt_time":287523472,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.64.156.63","src_port":28681,"dst_port":65023,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":652,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287523472,"flow_src_last_pkt_time":287523472,"flow_dst_last_pkt_time":287523472,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.64.156.63","src_port":28681,"dst_port":65023,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":659,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287525665,"flow_src_last_pkt_time":287525665,"flow_dst_last_pkt_time":287525665,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.14.143.237","src_port":28681,"dst_port":8075,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":659,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287525665,"flow_src_last_pkt_time":287525665,"flow_dst_last_pkt_time":287525665,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.14.143.237","src_port":28681,"dst_port":8075,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":659,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287525665,"flow_src_last_pkt_time":287525665,"flow_dst_last_pkt_time":287525665,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.14.143.237","src_port":28681,"dst_port":8075,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":713,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287681281,"flow_src_last_pkt_time":287681281,"flow_dst_last_pkt_time":287681281,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":28681,"dst_port":59978,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":713,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287681281,"flow_src_last_pkt_time":287681281,"flow_dst_last_pkt_time":287681281,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":28681,"dst_port":59978,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":713,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287681281,"flow_src_last_pkt_time":287681281,"flow_dst_last_pkt_time":287681281,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.187.74.173","src_port":28681,"dst_port":59978,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":658,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287525447,"flow_src_last_pkt_time":287525447,"flow_dst_last_pkt_time":287525447,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.222.160.99","src_port":28681,"dst_port":53195,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":658,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287525447,"flow_src_last_pkt_time":287525447,"flow_dst_last_pkt_time":287525447,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.222.160.99","src_port":28681,"dst_port":53195,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":658,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287525447,"flow_src_last_pkt_time":287525447,"flow_dst_last_pkt_time":287525447,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.222.160.99","src_port":28681,"dst_port":53195,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":174303564,"flow_src_last_pkt_time":287488029,"flow_dst_last_pkt_time":287509796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":170,"flow_dst_tot_l4_payload_len":1040,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":28681,"dst_port":10825,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":576,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287424939,"flow_src_last_pkt_time":287424939,"flow_dst_last_pkt_time":287424939,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":42925,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01061{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":174303564,"flow_src_last_pkt_time":287488029,"flow_dst_last_pkt_time":287509796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":170,"flow_dst_tot_l4_payload_len":1040,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":28681,"dst_port":10825,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":576,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287424939,"flow_src_last_pkt_time":287424939,"flow_dst_last_pkt_time":287424939,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":42925,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":576,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287424939,"flow_src_last_pkt_time":287424939,"flow_dst_last_pkt_time":287424939,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":42925,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":570,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287387000,"flow_src_last_pkt_time":287557061,"flow_dst_last_pkt_time":287752626,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"97.83.183.148","src_port":28681,"dst_port":8890,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":570,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287387000,"flow_src_last_pkt_time":287557061,"flow_dst_last_pkt_time":287752626,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"97.83.183.148","src_port":28681,"dst_port":8890,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":570,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287387000,"flow_src_last_pkt_time":287557061,"flow_dst_last_pkt_time":287752626,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"97.83.183.148","src_port":28681,"dst_port":8890,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":681,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287620673,"flow_src_last_pkt_time":287620673,"flow_dst_last_pkt_time":287620673,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.227.198.100","src_port":28681,"dst_port":6910,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":681,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287620673,"flow_src_last_pkt_time":287620673,"flow_dst_last_pkt_time":287620673,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.227.198.100","src_port":28681,"dst_port":6910,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":681,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287620673,"flow_src_last_pkt_time":287620673,"flow_dst_last_pkt_time":287620673,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.227.198.100","src_port":28681,"dst_port":6910,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":500,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287310684,"flow_src_last_pkt_time":287310684,"flow_dst_last_pkt_time":287310684,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.143.34.225","src_port":28681,"dst_port":20071,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":500,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287310684,"flow_src_last_pkt_time":287310684,"flow_dst_last_pkt_time":287310684,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.143.34.225","src_port":28681,"dst_port":20071,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":500,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287310684,"flow_src_last_pkt_time":287310684,"flow_dst_last_pkt_time":287310684,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.143.34.225","src_port":28681,"dst_port":20071,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":566,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287385508,"flow_src_last_pkt_time":287385508,"flow_dst_last_pkt_time":287385508,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.176.62.40","src_port":28681,"dst_port":52755,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":566,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287385508,"flow_src_last_pkt_time":287385508,"flow_dst_last_pkt_time":287385508,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.176.62.40","src_port":28681,"dst_port":52755,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":566,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287385508,"flow_src_last_pkt_time":287385508,"flow_dst_last_pkt_time":287385508,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.176.62.40","src_port":28681,"dst_port":52755,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":514,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314979,"flow_src_last_pkt_time":287314979,"flow_dst_last_pkt_time":287314979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.114.40.175","src_port":28681,"dst_port":23552,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":514,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314979,"flow_src_last_pkt_time":287314979,"flow_dst_last_pkt_time":287314979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.114.40.175","src_port":28681,"dst_port":23552,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":514,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314979,"flow_src_last_pkt_time":287314979,"flow_dst_last_pkt_time":287314979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.114.40.175","src_port":28681,"dst_port":23552,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":599,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287442230,"flow_src_last_pkt_time":287442230,"flow_dst_last_pkt_time":287442230,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":59875,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":599,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287442230,"flow_src_last_pkt_time":287442230,"flow_dst_last_pkt_time":287442230,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":59875,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":599,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287442230,"flow_src_last_pkt_time":287442230,"flow_dst_last_pkt_time":287442230,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":59875,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":517,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287315710,"flow_src_last_pkt_time":287315710,"flow_dst_last_pkt_time":288490528,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":314,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":314,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.162.27","src_port":28681,"dst_port":7986,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":517,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287315710,"flow_src_last_pkt_time":287315710,"flow_dst_last_pkt_time":288490528,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":314,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":314,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.162.27","src_port":28681,"dst_port":7986,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":517,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287315710,"flow_src_last_pkt_time":287315710,"flow_dst_last_pkt_time":288490528,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":314,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":314,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.162.27","src_port":28681,"dst_port":7986,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":519,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287316233,"flow_src_last_pkt_time":287316233,"flow_dst_last_pkt_time":287316233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.48.23","src_port":28681,"dst_port":8070,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":519,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287316233,"flow_src_last_pkt_time":287316233,"flow_dst_last_pkt_time":287316233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.48.23","src_port":28681,"dst_port":8070,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":519,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287316233,"flow_src_last_pkt_time":287316233,"flow_dst_last_pkt_time":287316233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.48.23","src_port":28681,"dst_port":8070,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":601,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287442550,"flow_src_last_pkt_time":287442550,"flow_dst_last_pkt_time":287442550,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.200.161","src_port":28681,"dst_port":65274,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":601,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287442550,"flow_src_last_pkt_time":287442550,"flow_dst_last_pkt_time":287442550,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.200.161","src_port":28681,"dst_port":65274,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":601,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287442550,"flow_src_last_pkt_time":287442550,"flow_dst_last_pkt_time":287442550,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.200.161","src_port":28681,"dst_port":65274,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01017{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90005045,"flow_src_last_pkt_time":287553240,"flow_dst_last_pkt_time":287678696,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":807,"flow_dst_tot_l4_payload_len":4798,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00780{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":639,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287498581,"flow_src_last_pkt_time":287498581,"flow_dst_last_pkt_time":287719864,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.242.225","src_port":28681,"dst_port":15068,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01060{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":9,"flow_first_seen":90005045,"flow_src_last_pkt_time":287553240,"flow_dst_last_pkt_time":287678696,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":807,"flow_dst_tot_l4_payload_len":4798,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00823{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":639,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287498581,"flow_src_last_pkt_time":287498581,"flow_dst_last_pkt_time":287719864,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.242.225","src_port":28681,"dst_port":15068,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00736{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":639,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287498581,"flow_src_last_pkt_time":287498581,"flow_dst_last_pkt_time":287719864,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.242.225","src_port":28681,"dst_port":15068,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":463,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251768320,"flow_src_last_pkt_time":287318727,"flow_dst_last_pkt_time":287699802,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.7.155.210","src_port":28681,"dst_port":28365,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":463,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251768320,"flow_src_last_pkt_time":287318727,"flow_dst_last_pkt_time":287699802,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.7.155.210","src_port":28681,"dst_port":28365,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":463,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251768320,"flow_src_last_pkt_time":287318727,"flow_dst_last_pkt_time":287699802,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.7.155.210","src_port":28681,"dst_port":28365,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":727,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287698314,"flow_src_last_pkt_time":287698314,"flow_dst_last_pkt_time":287698314,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.171.82.65","src_port":28681,"dst_port":50072,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":727,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287698314,"flow_src_last_pkt_time":287698314,"flow_dst_last_pkt_time":287698314,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.171.82.65","src_port":28681,"dst_port":50072,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":727,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287698314,"flow_src_last_pkt_time":287698314,"flow_dst_last_pkt_time":287698314,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.171.82.65","src_port":28681,"dst_port":50072,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":452,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251765853,"flow_src_last_pkt_time":287317359,"flow_dst_last_pkt_time":287440578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":110,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.227.193.37","src_port":28681,"dst_port":27481,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":452,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251765853,"flow_src_last_pkt_time":287317359,"flow_dst_last_pkt_time":287440578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":110,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.227.193.37","src_port":28681,"dst_port":27481,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":452,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251765853,"flow_src_last_pkt_time":287317359,"flow_dst_last_pkt_time":287440578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":110,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.227.193.37","src_port":28681,"dst_port":27481,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":609,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287444268,"flow_src_last_pkt_time":287444268,"flow_dst_last_pkt_time":287749515,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.163.14.246","src_port":28681,"dst_port":23461,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":609,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287444268,"flow_src_last_pkt_time":287444268,"flow_dst_last_pkt_time":287749515,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.163.14.246","src_port":28681,"dst_port":23461,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":609,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287444268,"flow_src_last_pkt_time":287444268,"flow_dst_last_pkt_time":287749515,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.163.14.246","src_port":28681,"dst_port":23461,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":737,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287859671,"flow_src_last_pkt_time":287859671,"flow_dst_last_pkt_time":287859671,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.166.252.163","src_port":28681,"dst_port":14391,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":737,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287859671,"flow_src_last_pkt_time":287859671,"flow_dst_last_pkt_time":287859671,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.166.252.163","src_port":28681,"dst_port":14391,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":737,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287859671,"flow_src_last_pkt_time":287859671,"flow_dst_last_pkt_time":287859671,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.166.252.163","src_port":28681,"dst_port":14391,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00780{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":448,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251764953,"flow_src_last_pkt_time":287316986,"flow_dst_last_pkt_time":287579860,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.241.162.162","src_port":28681,"dst_port":15677,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00823{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":448,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251764953,"flow_src_last_pkt_time":287316986,"flow_dst_last_pkt_time":287579860,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.241.162.162","src_port":28681,"dst_port":15677,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00736{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":448,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251764953,"flow_src_last_pkt_time":287316986,"flow_dst_last_pkt_time":287579860,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.241.162.162","src_port":28681,"dst_port":15677,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":549,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287342496,"flow_src_last_pkt_time":287422583,"flow_dst_last_pkt_time":287495611,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":110,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.211.151.48","src_port":28681,"dst_port":11105,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":549,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287342496,"flow_src_last_pkt_time":287422583,"flow_dst_last_pkt_time":287495611,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":110,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.211.151.48","src_port":28681,"dst_port":11105,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":549,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287342496,"flow_src_last_pkt_time":287422583,"flow_dst_last_pkt_time":287495611,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":110,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.211.151.48","src_port":28681,"dst_port":11105,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":459,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767266,"flow_src_last_pkt_time":287318019,"flow_dst_last_pkt_time":251767266,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"100.89.84.59","src_port":28681,"dst_port":11603,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":459,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767266,"flow_src_last_pkt_time":287318019,"flow_dst_last_pkt_time":251767266,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"100.89.84.59","src_port":28681,"dst_port":11603,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":459,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767266,"flow_src_last_pkt_time":287318019,"flow_dst_last_pkt_time":251767266,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"100.89.84.59","src_port":28681,"dst_port":11603,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":626,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287487269,"flow_src_last_pkt_time":287487269,"flow_dst_last_pkt_time":287487269,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.206.254","src_port":28681,"dst_port":49737,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":626,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287487269,"flow_src_last_pkt_time":287487269,"flow_dst_last_pkt_time":287487269,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.206.254","src_port":28681,"dst_port":49737,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":626,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287487269,"flow_src_last_pkt_time":287487269,"flow_dst_last_pkt_time":287487269,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.206.254","src_port":28681,"dst_port":49737,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":580,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287426528,"flow_src_last_pkt_time":287426528,"flow_dst_last_pkt_time":287426528,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.119.55.28","src_port":28681,"dst_port":20347,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":580,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287426528,"flow_src_last_pkt_time":287426528,"flow_dst_last_pkt_time":287426528,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.119.55.28","src_port":28681,"dst_port":20347,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":580,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287426528,"flow_src_last_pkt_time":287426528,"flow_dst_last_pkt_time":287426528,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.119.55.28","src_port":28681,"dst_port":20347,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01011{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":123912731,"flow_src_last_pkt_time":287321365,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":54130,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":625,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287486927,"flow_src_last_pkt_time":287486927,"flow_dst_last_pkt_time":287486927,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":28681,"dst_port":57492,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01054{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":123912731,"flow_src_last_pkt_time":287321365,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":54130,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":625,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287486927,"flow_src_last_pkt_time":287486927,"flow_dst_last_pkt_time":287486927,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":28681,"dst_port":57492,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":625,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287486927,"flow_src_last_pkt_time":287486927,"flow_dst_last_pkt_time":287486927,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":28681,"dst_port":57492,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":567,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287385752,"flow_src_last_pkt_time":287385752,"flow_dst_last_pkt_time":287385752,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.176.62.40","src_port":28681,"dst_port":52889,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":567,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287385752,"flow_src_last_pkt_time":287385752,"flow_dst_last_pkt_time":287385752,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.176.62.40","src_port":28681,"dst_port":52889,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":567,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287385752,"flow_src_last_pkt_time":287385752,"flow_dst_last_pkt_time":287385752,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.176.62.40","src_port":28681,"dst_port":52889,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":685,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287621967,"flow_src_last_pkt_time":287621967,"flow_dst_last_pkt_time":287621967,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.149","src_port":28681,"dst_port":54436,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":685,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287621967,"flow_src_last_pkt_time":287621967,"flow_dst_last_pkt_time":287621967,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.149","src_port":28681,"dst_port":54436,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":685,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287621967,"flow_src_last_pkt_time":287621967,"flow_dst_last_pkt_time":287621967,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.149","src_port":28681,"dst_port":54436,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":744,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287977566,"flow_src_last_pkt_time":288181360,"flow_dst_last_pkt_time":288382894,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"27.94.154.53","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":744,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287977566,"flow_src_last_pkt_time":288181360,"flow_dst_last_pkt_time":288382894,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"27.94.154.53","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":744,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287977566,"flow_src_last_pkt_time":288181360,"flow_dst_last_pkt_time":288382894,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"27.94.154.53","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01013{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":95784128,"flow_src_last_pkt_time":287510470,"flow_dst_last_pkt_time":287857497,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":2512,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":731,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287699061,"flow_src_last_pkt_time":287699061,"flow_dst_last_pkt_time":287699061,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.217.188.105","src_port":28681,"dst_port":62849,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01056{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":95784128,"flow_src_last_pkt_time":287510470,"flow_dst_last_pkt_time":287857497,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":327,"flow_dst_tot_l4_payload_len":2512,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":731,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287699061,"flow_src_last_pkt_time":287699061,"flow_dst_last_pkt_time":287699061,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.217.188.105","src_port":28681,"dst_port":62849,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":731,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287699061,"flow_src_last_pkt_time":287699061,"flow_dst_last_pkt_time":287699061,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.217.188.105","src_port":28681,"dst_port":62849,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":711,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287654106,"flow_src_last_pkt_time":287654106,"flow_dst_last_pkt_time":287654106,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.254.140.225","src_port":28681,"dst_port":63637,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":711,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287654106,"flow_src_last_pkt_time":287654106,"flow_dst_last_pkt_time":287654106,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.254.140.225","src_port":28681,"dst_port":63637,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":711,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287654106,"flow_src_last_pkt_time":287654106,"flow_dst_last_pkt_time":287654106,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.254.140.225","src_port":28681,"dst_port":63637,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":710,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287653866,"flow_src_last_pkt_time":287653866,"flow_dst_last_pkt_time":287653866,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.121.156","src_port":28681,"dst_port":3624,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":710,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287653866,"flow_src_last_pkt_time":287653866,"flow_dst_last_pkt_time":287653866,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.121.156","src_port":28681,"dst_port":3624,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":710,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287653866,"flow_src_last_pkt_time":287653866,"flow_dst_last_pkt_time":287653866,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.16.121.156","src_port":28681,"dst_port":3624,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":688,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287623141,"flow_src_last_pkt_time":287623141,"flow_dst_last_pkt_time":287623141,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":53454,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":688,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287623141,"flow_src_last_pkt_time":287623141,"flow_dst_last_pkt_time":287623141,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":53454,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":688,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287623141,"flow_src_last_pkt_time":287623141,"flow_dst_last_pkt_time":287623141,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":53454,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":445,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251764380,"flow_src_last_pkt_time":287316765,"flow_dst_last_pkt_time":251764380,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.165.153.100","src_port":28681,"dst_port":4509,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":445,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251764380,"flow_src_last_pkt_time":287316765,"flow_dst_last_pkt_time":251764380,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.165.153.100","src_port":28681,"dst_port":4509,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":445,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251764380,"flow_src_last_pkt_time":287316765,"flow_dst_last_pkt_time":251764380,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.165.153.100","src_port":28681,"dst_port":4509,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01014{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90138420,"flow_src_last_pkt_time":287441093,"flow_dst_last_pkt_time":287483363,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3345,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":510,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314125,"flow_src_last_pkt_time":287314125,"flow_dst_last_pkt_time":287314125,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"79.94.85.113","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01057{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"finished","flow_src_packets_processed":7,"flow_dst_packets_processed":7,"flow_first_seen":90138420,"flow_src_last_pkt_time":287441093,"flow_dst_last_pkt_time":287483363,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":645,"flow_dst_tot_l4_payload_len":3345,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":510,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314125,"flow_src_last_pkt_time":287314125,"flow_dst_last_pkt_time":287314125,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"79.94.85.113","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":510,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314125,"flow_src_last_pkt_time":287314125,"flow_dst_last_pkt_time":287314125,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"79.94.85.113","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":653,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287523680,"flow_src_last_pkt_time":287523680,"flow_dst_last_pkt_time":287523680,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.139.21.182","src_port":28681,"dst_port":50110,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":653,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287523680,"flow_src_last_pkt_time":287523680,"flow_dst_last_pkt_time":287523680,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.139.21.182","src_port":28681,"dst_port":50110,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":653,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287523680,"flow_src_last_pkt_time":287523680,"flow_dst_last_pkt_time":287523680,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.139.21.182","src_port":28681,"dst_port":50110,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":497,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287309691,"flow_src_last_pkt_time":287309691,"flow_dst_last_pkt_time":287309691,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.100.76.123","src_port":28681,"dst_port":39628,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":497,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287309691,"flow_src_last_pkt_time":287309691,"flow_dst_last_pkt_time":287309691,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.100.76.123","src_port":28681,"dst_port":39628,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":497,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287309691,"flow_src_last_pkt_time":287309691,"flow_dst_last_pkt_time":287309691,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.100.76.123","src_port":28681,"dst_port":39628,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":569,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287386762,"flow_src_last_pkt_time":291154795,"flow_dst_last_pkt_time":294825827,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.89.249.8","src_port":28681,"dst_port":50649,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":569,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287386762,"flow_src_last_pkt_time":291154795,"flow_dst_last_pkt_time":294825827,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.89.249.8","src_port":28681,"dst_port":50649,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":569,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287386762,"flow_src_last_pkt_time":291154795,"flow_dst_last_pkt_time":294825827,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.89.249.8","src_port":28681,"dst_port":50649,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":393,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243619673,"flow_src_last_pkt_time":287426068,"flow_dst_last_pkt_time":243619673,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.115.158.103","src_port":28681,"dst_port":5110,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":393,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243619673,"flow_src_last_pkt_time":287426068,"flow_dst_last_pkt_time":243619673,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.115.158.103","src_port":28681,"dst_port":5110,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":393,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":243619673,"flow_src_last_pkt_time":287426068,"flow_dst_last_pkt_time":243619673,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.115.158.103","src_port":28681,"dst_port":5110,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":464,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251768524,"flow_src_last_pkt_time":287318821,"flow_dst_last_pkt_time":287532561,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"101.128.66.8","src_port":28681,"dst_port":34512,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":464,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251768524,"flow_src_last_pkt_time":287318821,"flow_dst_last_pkt_time":287532561,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"101.128.66.8","src_port":28681,"dst_port":34512,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":464,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":251768524,"flow_src_last_pkt_time":287318821,"flow_dst_last_pkt_time":287532561,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"101.128.66.8","src_port":28681,"dst_port":34512,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":515,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287315207,"flow_src_last_pkt_time":287315207,"flow_dst_last_pkt_time":287315207,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.137.106.173","src_port":28681,"dst_port":11625,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":515,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287315207,"flow_src_last_pkt_time":287315207,"flow_dst_last_pkt_time":287315207,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.137.106.173","src_port":28681,"dst_port":11625,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":515,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287315207,"flow_src_last_pkt_time":287315207,"flow_dst_last_pkt_time":287315207,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.137.106.173","src_port":28681,"dst_port":11625,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":522,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287320529,"flow_src_last_pkt_time":287320529,"flow_dst_last_pkt_time":287320529,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.247.152.218","src_port":28681,"dst_port":51153,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":522,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287320529,"flow_src_last_pkt_time":287320529,"flow_dst_last_pkt_time":287320529,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.247.152.218","src_port":28681,"dst_port":51153,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":522,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287320529,"flow_src_last_pkt_time":287320529,"flow_dst_last_pkt_time":287320529,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.247.152.218","src_port":28681,"dst_port":51153,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":480,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251801900,"flow_src_last_pkt_time":287320181,"flow_dst_last_pkt_time":251801900,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.74.26","src_port":28681,"dst_port":65498,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":480,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251801900,"flow_src_last_pkt_time":287320181,"flow_dst_last_pkt_time":251801900,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.74.26","src_port":28681,"dst_port":65498,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":480,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251801900,"flow_src_last_pkt_time":287320181,"flow_dst_last_pkt_time":251801900,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.74.26","src_port":28681,"dst_port":65498,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":382,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243617142,"flow_src_last_pkt_time":287443836,"flow_dst_last_pkt_time":287618162,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.175.11.126","src_port":28681,"dst_port":40958,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":382,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243617142,"flow_src_last_pkt_time":287443836,"flow_dst_last_pkt_time":287618162,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.175.11.126","src_port":28681,"dst_port":40958,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":382,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243617142,"flow_src_last_pkt_time":287443836,"flow_dst_last_pkt_time":287618162,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":63,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":109,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.175.11.126","src_port":28681,"dst_port":40958,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":590,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287429503,"flow_src_last_pkt_time":287429503,"flow_dst_last_pkt_time":287429503,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":48380,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":590,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287429503,"flow_src_last_pkt_time":287429503,"flow_dst_last_pkt_time":287429503,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":48380,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":590,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287429503,"flow_src_last_pkt_time":287429503,"flow_dst_last_pkt_time":287429503,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":48380,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":462,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767708,"flow_src_last_pkt_time":287318322,"flow_dst_last_pkt_time":251767708,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":47808,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":462,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767708,"flow_src_last_pkt_time":287318322,"flow_dst_last_pkt_time":251767708,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":47808,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":462,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251767708,"flow_src_last_pkt_time":287318322,"flow_dst_last_pkt_time":251767708,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":47808,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00970{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":605,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287443413,"flow_src_last_pkt_time":287443413,"flow_dst_last_pkt_time":287443413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"180.149.125.139","src_port":28681,"dst_port":6578,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"2":"Match by IP"},"proto":"Tor","proto_id":"163","encrypted":1,"breed":"Potentially Dangerous","category_id":2,"category":"VPN"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":605,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287443413,"flow_src_last_pkt_time":287443413,"flow_dst_last_pkt_time":287443413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"180.149.125.139","src_port":28681,"dst_port":6578,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Tor","proto_by_ip_id":163,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":605,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287443413,"flow_src_last_pkt_time":287443413,"flow_dst_last_pkt_time":287443413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"180.149.125.139","src_port":28681,"dst_port":6578,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":690,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287623671,"flow_src_last_pkt_time":287623671,"flow_dst_last_pkt_time":287623671,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.65.217.224","src_port":28681,"dst_port":3688,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":690,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287623671,"flow_src_last_pkt_time":287623671,"flow_dst_last_pkt_time":287623671,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.65.217.224","src_port":28681,"dst_port":3688,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":690,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287623671,"flow_src_last_pkt_time":287623671,"flow_dst_last_pkt_time":287623671,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.65.217.224","src_port":28681,"dst_port":3688,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":665,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287587640,"flow_src_last_pkt_time":287587640,"flow_dst_last_pkt_time":287587640,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.172.183.237","src_port":28681,"dst_port":4983,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":665,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287587640,"flow_src_last_pkt_time":287587640,"flow_dst_last_pkt_time":287587640,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.172.183.237","src_port":28681,"dst_port":4983,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":665,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287587640,"flow_src_last_pkt_time":287587640,"flow_dst_last_pkt_time":287587640,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.172.183.237","src_port":28681,"dst_port":4983,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":709,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287653590,"flow_src_last_pkt_time":287653590,"flow_dst_last_pkt_time":287653590,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.244.68.65","src_port":28681,"dst_port":51967,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":709,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287653590,"flow_src_last_pkt_time":287653590,"flow_dst_last_pkt_time":287653590,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.244.68.65","src_port":28681,"dst_port":51967,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":709,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287653590,"flow_src_last_pkt_time":287653590,"flow_dst_last_pkt_time":287653590,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.244.68.65","src_port":28681,"dst_port":51967,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":656,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287524797,"flow_src_last_pkt_time":287524797,"flow_dst_last_pkt_time":287769030,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":28681,"dst_port":2566,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":656,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287524797,"flow_src_last_pkt_time":287524797,"flow_dst_last_pkt_time":287769030,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":28681,"dst_port":2566,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":656,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287524797,"flow_src_last_pkt_time":287524797,"flow_dst_last_pkt_time":287769030,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":28681,"dst_port":2566,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":729,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287698702,"flow_src_last_pkt_time":287698702,"flow_dst_last_pkt_time":287698702,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.10.134.44","src_port":28681,"dst_port":19739,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":729,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287698702,"flow_src_last_pkt_time":287698702,"flow_dst_last_pkt_time":287698702,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.10.134.44","src_port":28681,"dst_port":19739,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":729,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287698702,"flow_src_last_pkt_time":287698702,"flow_dst_last_pkt_time":287698702,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.10.134.44","src_port":28681,"dst_port":19739,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":548,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287342025,"flow_src_last_pkt_time":287510564,"flow_dst_last_pkt_time":287664498,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":110,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.50.147.205","src_port":28681,"dst_port":17735,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":548,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287342025,"flow_src_last_pkt_time":287510564,"flow_dst_last_pkt_time":287664498,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":110,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.50.147.205","src_port":28681,"dst_port":17735,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":548,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":287342025,"flow_src_last_pkt_time":287510564,"flow_dst_last_pkt_time":287664498,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":60,"flow_src_tot_l4_payload_len":88,"flow_dst_tot_l4_payload_len":110,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.50.147.205","src_port":28681,"dst_port":17735,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":633,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287497195,"flow_src_last_pkt_time":287497195,"flow_dst_last_pkt_time":287497195,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.149.2.44","src_port":28681,"dst_port":20964,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":633,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287497195,"flow_src_last_pkt_time":287497195,"flow_dst_last_pkt_time":287497195,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.149.2.44","src_port":28681,"dst_port":20964,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":633,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287497195,"flow_src_last_pkt_time":287497195,"flow_dst_last_pkt_time":287497195,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.149.2.44","src_port":28681,"dst_port":20964,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":475,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800960,"flow_src_last_pkt_time":287319660,"flow_dst_last_pkt_time":251800960,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":28681,"dst_port":63978,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":475,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800960,"flow_src_last_pkt_time":287319660,"flow_dst_last_pkt_time":251800960,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":28681,"dst_port":63978,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":475,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800960,"flow_src_last_pkt_time":287319660,"flow_dst_last_pkt_time":251800960,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":28681,"dst_port":63978,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":473,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800608,"flow_src_last_pkt_time":287319436,"flow_dst_last_pkt_time":251800608,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":28681,"dst_port":33564,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":473,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800608,"flow_src_last_pkt_time":287319436,"flow_dst_last_pkt_time":251800608,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":28681,"dst_port":33564,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":473,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251800608,"flow_src_last_pkt_time":287319436,"flow_dst_last_pkt_time":251800608,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.132.165.13","src_port":28681,"dst_port":33564,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":575,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287424720,"flow_src_last_pkt_time":287424720,"flow_dst_last_pkt_time":287621286,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.202.31.113","src_port":28681,"dst_port":19768,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":575,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287424720,"flow_src_last_pkt_time":287424720,"flow_dst_last_pkt_time":287621286,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.202.31.113","src_port":28681,"dst_port":19768,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":575,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287424720,"flow_src_last_pkt_time":287424720,"flow_dst_last_pkt_time":287621286,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.202.31.113","src_port":28681,"dst_port":19768,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":588,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287429086,"flow_src_last_pkt_time":287429086,"flow_dst_last_pkt_time":287429086,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.175.103","src_port":28681,"dst_port":4315,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":588,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287429086,"flow_src_last_pkt_time":287429086,"flow_dst_last_pkt_time":287429086,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.175.103","src_port":28681,"dst_port":4315,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":588,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287429086,"flow_src_last_pkt_time":287429086,"flow_dst_last_pkt_time":287429086,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.175.103","src_port":28681,"dst_port":4315,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":379,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616544,"flow_src_last_pkt_time":287587254,"flow_dst_last_pkt_time":288106579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.140.63.147","src_port":28681,"dst_port":29545,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":379,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616544,"flow_src_last_pkt_time":287587254,"flow_dst_last_pkt_time":288106579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.140.63.147","src_port":28681,"dst_port":29545,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":379,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":243616544,"flow_src_last_pkt_time":287587254,"flow_dst_last_pkt_time":288106579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":84,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.140.63.147","src_port":28681,"dst_port":29545,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":174342792,"flow_src_last_pkt_time":287510770,"flow_dst_last_pkt_time":174648242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":114,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":28681,"dst_port":49956,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":720,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287683097,"flow_src_last_pkt_time":287683097,"flow_dst_last_pkt_time":287944533,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01059{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":174342792,"flow_src_last_pkt_time":287510770,"flow_dst_last_pkt_time":174648242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":114,"flow_dst_tot_l4_payload_len":727,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":28681,"dst_port":49956,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":720,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287683097,"flow_src_last_pkt_time":287683097,"flow_dst_last_pkt_time":287944533,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":720,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287683097,"flow_src_last_pkt_time":287683097,"flow_dst_last_pkt_time":287944533,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":442,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251763431,"flow_src_last_pkt_time":287316451,"flow_dst_last_pkt_time":251763431,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.204.130.55","src_port":28681,"dst_port":29545,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":442,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251763431,"flow_src_last_pkt_time":287316451,"flow_dst_last_pkt_time":251763431,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.204.130.55","src_port":28681,"dst_port":29545,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":442,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251763431,"flow_src_last_pkt_time":287316451,"flow_dst_last_pkt_time":251763431,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.204.130.55","src_port":28681,"dst_port":29545,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":631,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287496824,"flow_src_last_pkt_time":287496824,"flow_dst_last_pkt_time":287805278,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":28681,"dst_port":3931,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":631,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287496824,"flow_src_last_pkt_time":287496824,"flow_dst_last_pkt_time":287805278,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":28681,"dst_port":3931,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":631,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287496824,"flow_src_last_pkt_time":287496824,"flow_dst_last_pkt_time":287805278,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":28681,"dst_port":3931,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":565,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287385136,"flow_src_last_pkt_time":287385136,"flow_dst_last_pkt_time":287385136,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.45.40.28","src_port":28681,"dst_port":2656,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":565,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287385136,"flow_src_last_pkt_time":287385136,"flow_dst_last_pkt_time":287385136,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.45.40.28","src_port":28681,"dst_port":2656,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":565,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287385136,"flow_src_last_pkt_time":287385136,"flow_dst_last_pkt_time":287385136,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.45.40.28","src_port":28681,"dst_port":2656,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":523,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287320671,"flow_src_last_pkt_time":287320671,"flow_dst_last_pkt_time":287724793,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.162.138.200","src_port":28681,"dst_port":24018,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":523,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287320671,"flow_src_last_pkt_time":287320671,"flow_dst_last_pkt_time":287724793,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.162.138.200","src_port":28681,"dst_port":24018,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":523,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":287320671,"flow_src_last_pkt_time":287320671,"flow_dst_last_pkt_time":287724793,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.162.138.200","src_port":28681,"dst_port":24018,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":694,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287625031,"flow_src_last_pkt_time":287625031,"flow_dst_last_pkt_time":287625031,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.215.130.156","src_port":28681,"dst_port":12405,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":694,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287625031,"flow_src_last_pkt_time":287625031,"flow_dst_last_pkt_time":287625031,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.215.130.156","src_port":28681,"dst_port":12405,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":694,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287625031,"flow_src_last_pkt_time":287625031,"flow_dst_last_pkt_time":287625031,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.215.130.156","src_port":28681,"dst_port":12405,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72852470,"flow_src_last_pkt_time":431829020,"flow_dst_last_pkt_time":72852470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":72850420,"flow_src_last_pkt_time":433136298,"flow_dst_last_pkt_time":72850420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.141.219.27","src_port":28681,"dst_port":37580,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":71540581,"flow_src_last_pkt_time":431831095,"flow_dst_last_pkt_time":71540581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.23.75.69","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00728{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":88,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70230940,"flow_src_last_pkt_time":311752229,"flow_dst_last_pkt_time":70230940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.50.24.2","src_port":28681,"dst_port":17874,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00834{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":12513795,"flow_src_last_pkt_time":14765980,"flow_dst_last_pkt_time":12513795,"flow_idle_time":620000000,"flow_src_min_l4_payload_len":16,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":200,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.22","l4_proto":2,"flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"IGMP","proto_id":"82","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00877{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":12513795,"flow_src_last_pkt_time":14765980,"flow_dst_last_pkt_time":12513795,"flow_idle_time":620000000,"flow_src_min_l4_payload_len":16,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":200,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.22","l4_proto":2,"flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"IGMP","proto_id":"82","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":71541038,"flow_src_last_pkt_time":431829093,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.100","src_port":28681,"dst_port":46385,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":71540885,"flow_src_last_pkt_time":431829532,"flow_dst_last_pkt_time":71540885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.120.243.143","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6627,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":98,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":2,"flow_first_seen":71536330,"flow_src_last_pkt_time":350798579,"flow_dst_last_pkt_time":351075803,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":104,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":474890958,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.222.14.170","src_port":28681,"dst_port":23332,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -5756,7 +5756,7 @@ 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6722,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":546,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287341465,"flow_src_last_pkt_time":320291340,"flow_dst_last_pkt_time":287341465,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":485092048,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49867,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6722,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":531,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287339216,"flow_src_last_pkt_time":320290510,"flow_dst_last_pkt_time":287339216,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":485092048,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":28681,"dst_port":51497,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6722,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":534,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287339727,"flow_src_last_pkt_time":320290625,"flow_dst_last_pkt_time":287339727,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":485092048,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":54436,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01003{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6722,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":760,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431178093,"flow_src_last_pkt_time":431178093,"flow_dst_last_pkt_time":431178093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":201,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":485092048,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} +01046{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6722,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":760,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431178093,"flow_src_last_pkt_time":431178093,"flow_dst_last_pkt_time":431178093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":201,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":485092048,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6722,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":562,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287357163,"flow_src_last_pkt_time":320292378,"flow_dst_last_pkt_time":287357163,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":485092048,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.242.110","src_port":28681,"dst_port":59879,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6722,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":542,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340857,"flow_src_last_pkt_time":320291054,"flow_dst_last_pkt_time":287340857,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":485092048,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":28681,"dst_port":51675,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6722,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":191,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82063378,"flow_src_last_pkt_time":371839164,"flow_dst_last_pkt_time":82063378,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":485092048,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.153.143.54","src_port":28681,"dst_port":65535,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -5853,7 +5853,7 @@ 00537{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6791,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":781,"flow_packet_id":2,"flow_src_last_pkt_time":490660023,"flow_dst_last_pkt_time":490873972,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":87,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":87,"pkt_l4_len":53,"thread_ts_usec":490873972,"pkt":"CAAn5uVZUlQAEjUCCABFAABJEL8AAEARuWtwaTQCCgACD1uicAkANU8DODExAiD\/PoD\/dZiXmj2bAwEBABYAAACiW3BpNAIfAAAAAACAAMOCVVBDAQEB"} 00699{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":6792,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":783,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490916095,"flow_src_last_pkt_time":490916095,"flow_dst_last_pkt_time":490916095,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":490916095,"l3_proto":"ip4","src_ip":"65.182.231.232","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6792,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":783,"flow_packet_id":1,"flow_src_last_pkt_time":490916095,"flow_dst_last_pkt_time":490916095,"flow_idle_time":140000000,"pkt_oversize":false,"pkt_caplen":98,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":98,"pkt_l4_len":64,"thread_ts_usec":490916095,"pkt":"CAAn5uVZUlQAEjUCCABFwABUEMAAAH8B9HtBtufoCgACDwMDMuAAAAAARQAAOFJyAAB\/EbOVCgACD0G25+hwCR7SACTlBTqzMQL2cg0m\/8bpadQ5WwMAAQAFAAAAw4JRS0A="} -00824{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":6792,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":783,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490916095,"flow_src_last_pkt_time":490916095,"flow_dst_last_pkt_time":490916095,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":490916095,"l3_proto":"ip4","src_ip":"65.182.231.232","dst_ip":"10.0.2.15","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":4.984965}} +00867{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":6792,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":783,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490916095,"flow_src_last_pkt_time":490916095,"flow_dst_last_pkt_time":490916095,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":490916095,"l3_proto":"ip4","src_ip":"65.182.231.232","dst_ip":"10.0.2.15","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":4.984965}} 00536{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6793,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":775,"flow_packet_id":2,"flow_src_last_pkt_time":490660023,"flow_dst_last_pkt_time":490939326,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":87,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":87,"pkt_l4_len":53,"thread_ts_usec":490939326,"pkt":"CAAn5uVZUlQAEjUCCABFAABJEMEAAEAR+rDfEYQSCgACD1uicAkANcVlg9sxAjy4c4P\/utzozFbSAwEBABYAAACiW98RhBJuAAAA+KYpBMOCVVBDACAf"} 00542{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6794,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":768,"flow_packet_id":2,"flow_src_last_pkt_time":490658810,"flow_dst_last_pkt_time":490991311,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":88,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":88,"pkt_l4_len":54,"thread_ts_usec":490991311,"pkt":"CAAn5uVZUlQAEjUCCABFAABKEMIAAEARTyUOyP\/lCgACD5DCcAkANpg9XGQxAgSi0ID\/hbiT8iWZAwEBABcAAADCkA7I\/+WyNgAAAAAgAMOCUUtEGERIlw=="} 00730{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":6810,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":784,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":491496121,"flow_src_last_pkt_time":491496121,"flow_dst_last_pkt_time":491496121,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":491496121,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"23.19.141.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -5881,92 +5881,92 @@ 00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6875,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":792,"flow_packet_id":1,"flow_src_last_pkt_time":493288388,"flow_dst_last_pkt_time":493288388,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":493288388,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0MewAAIARAj0KAAIPJO\/VknAJVPYAINI7R05EEEBzAQFUC1FLUlAGUk5BXS\/iNQlw"} 00732{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":6876,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":793,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288490,"flow_src_last_pkt_time":493288490,"flow_dst_last_pkt_time":493288490,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493288490,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6876,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":793,"flow_packet_id":1,"flow_src_last_pkt_time":493288490,"flow_dst_last_pkt_time":493288490,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":493288490,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0bokAAIARxe0KAAIPe81+ZnAJFEkAIBM2R05EEEB0AQFUC1FLUlAGUk5BXS\/iNQlw"} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":88,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70230940,"flow_src_last_pkt_time":311752229,"flow_dst_last_pkt_time":70230940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.50.24.2","src_port":28681,"dst_port":17874,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":88,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70230940,"flow_src_last_pkt_time":311752229,"flow_dst_last_pkt_time":70230940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.50.24.2","src_port":28681,"dst_port":17874,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":88,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70230940,"flow_src_last_pkt_time":311752229,"flow_dst_last_pkt_time":70230940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.50.24.2","src_port":28681,"dst_port":17874,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":159,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82058634,"flow_src_last_pkt_time":311750486,"flow_dst_last_pkt_time":82058634,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.163.231.160","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":159,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82058634,"flow_src_last_pkt_time":311750486,"flow_dst_last_pkt_time":82058634,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.163.231.160","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":159,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82058634,"flow_src_last_pkt_time":311750486,"flow_dst_last_pkt_time":82058634,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.163.231.160","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":753,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312961164,"flow_src_last_pkt_time":312961164,"flow_dst_last_pkt_time":312961164,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.84.140.96","src_port":28681,"dst_port":14400,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":753,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312961164,"flow_src_last_pkt_time":312961164,"flow_dst_last_pkt_time":312961164,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.84.140.96","src_port":28681,"dst_port":14400,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":753,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312961164,"flow_src_last_pkt_time":312961164,"flow_dst_last_pkt_time":312961164,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.84.140.96","src_port":28681,"dst_port":14400,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":124,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72848739,"flow_src_last_pkt_time":311749833,"flow_dst_last_pkt_time":72848739,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"170.254.19.6","src_port":28681,"dst_port":24180,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":124,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72848739,"flow_src_last_pkt_time":311749833,"flow_dst_last_pkt_time":72848739,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"170.254.19.6","src_port":28681,"dst_port":24180,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":124,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72848739,"flow_src_last_pkt_time":311749833,"flow_dst_last_pkt_time":72848739,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"170.254.19.6","src_port":28681,"dst_port":24180,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":161,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82058913,"flow_src_last_pkt_time":311749691,"flow_dst_last_pkt_time":82058913,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.120.26.86","src_port":28681,"dst_port":29946,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":161,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82058913,"flow_src_last_pkt_time":311749691,"flow_dst_last_pkt_time":82058913,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.120.26.86","src_port":28681,"dst_port":29946,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":161,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82058913,"flow_src_last_pkt_time":311749691,"flow_dst_last_pkt_time":82058913,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.120.26.86","src_port":28681,"dst_port":29946,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01020{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":8,"flow_first_seen":90072798,"flow_src_last_pkt_time":320293489,"flow_dst_last_pkt_time":287667256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":779,"flow_dst_tot_l4_payload_len":4554,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":757,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":399168972,"flow_src_last_pkt_time":399168972,"flow_dst_last_pkt_time":399265426,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":40,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":40,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01063{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":8,"flow_first_seen":90072798,"flow_src_last_pkt_time":320293489,"flow_dst_last_pkt_time":287667256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":779,"flow_dst_tot_l4_payload_len":4554,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":757,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":399168972,"flow_src_last_pkt_time":399168972,"flow_dst_last_pkt_time":399265426,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":40,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":40,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":383,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":243617373,"flow_src_last_pkt_time":365428420,"flow_dst_last_pkt_time":365474471,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":77,"flow_src_tot_l4_payload_len":113,"flow_dst_tot_l4_payload_len":186,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.71.243.60","src_port":28681,"dst_port":34498,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":3,"flow_first_seen":95716226,"flow_src_last_pkt_time":426377575,"flow_dst_last_pkt_time":426518025,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":61,"flow_src_tot_l4_payload_len":194,"flow_dst_tot_l4_payload_len":165,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":544,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287341251,"flow_src_last_pkt_time":320291193,"flow_dst_last_pkt_time":287341251,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.184.29.35","src_port":28681,"dst_port":30582,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6898,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":3,"flow_first_seen":95716226,"flow_src_last_pkt_time":426377575,"flow_dst_last_pkt_time":426518025,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":61,"flow_src_tot_l4_payload_len":194,"flow_dst_tot_l4_payload_len":165,"midstream":0,"thread_ts_usec":495445535,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":544,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287341251,"flow_src_last_pkt_time":320291193,"flow_dst_last_pkt_time":287341251,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.184.29.35","src_port":28681,"dst_port":30582,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":544,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287341251,"flow_src_last_pkt_time":320291193,"flow_dst_last_pkt_time":287341251,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.184.29.35","src_port":28681,"dst_port":30582,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":533,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287339588,"flow_src_last_pkt_time":320290592,"flow_dst_last_pkt_time":287339588,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.229.185.60","src_port":28681,"dst_port":6898,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":533,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287339588,"flow_src_last_pkt_time":320290592,"flow_dst_last_pkt_time":287339588,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.229.185.60","src_port":28681,"dst_port":6898,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":533,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287339588,"flow_src_last_pkt_time":320290592,"flow_dst_last_pkt_time":287339588,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.229.185.60","src_port":28681,"dst_port":6898,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":553,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356130,"flow_src_last_pkt_time":320291674,"flow_dst_last_pkt_time":287356130,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":28681,"dst_port":3259,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":553,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356130,"flow_src_last_pkt_time":320291674,"flow_dst_last_pkt_time":287356130,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":28681,"dst_port":3259,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":553,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356130,"flow_src_last_pkt_time":320291674,"flow_dst_last_pkt_time":287356130,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":28681,"dst_port":3259,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":546,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287341465,"flow_src_last_pkt_time":320291340,"flow_dst_last_pkt_time":287341465,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49867,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":546,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287341465,"flow_src_last_pkt_time":320291340,"flow_dst_last_pkt_time":287341465,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49867,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":546,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287341465,"flow_src_last_pkt_time":320291340,"flow_dst_last_pkt_time":287341465,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49867,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":531,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287339216,"flow_src_last_pkt_time":320290510,"flow_dst_last_pkt_time":287339216,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":28681,"dst_port":51497,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":531,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287339216,"flow_src_last_pkt_time":320290510,"flow_dst_last_pkt_time":287339216,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":28681,"dst_port":51497,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":531,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287339216,"flow_src_last_pkt_time":320290510,"flow_dst_last_pkt_time":287339216,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":28681,"dst_port":51497,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":534,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287339727,"flow_src_last_pkt_time":320290625,"flow_dst_last_pkt_time":287339727,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":54436,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":534,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287339727,"flow_src_last_pkt_time":320290625,"flow_dst_last_pkt_time":287339727,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":54436,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":534,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287339727,"flow_src_last_pkt_time":320290625,"flow_dst_last_pkt_time":287339727,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":54436,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":562,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287357163,"flow_src_last_pkt_time":320292378,"flow_dst_last_pkt_time":287357163,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.242.110","src_port":28681,"dst_port":59879,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":562,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287357163,"flow_src_last_pkt_time":320292378,"flow_dst_last_pkt_time":287357163,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.242.110","src_port":28681,"dst_port":59879,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":562,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287357163,"flow_src_last_pkt_time":320292378,"flow_dst_last_pkt_time":287357163,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.242.110","src_port":28681,"dst_port":59879,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":542,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340857,"flow_src_last_pkt_time":320291054,"flow_dst_last_pkt_time":287340857,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":28681,"dst_port":51675,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":542,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340857,"flow_src_last_pkt_time":320291054,"flow_dst_last_pkt_time":287340857,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":28681,"dst_port":51675,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":542,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340857,"flow_src_last_pkt_time":320291054,"flow_dst_last_pkt_time":287340857,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.103.139.2","src_port":28681,"dst_port":51675,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":551,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287355840,"flow_src_last_pkt_time":320291559,"flow_dst_last_pkt_time":287355840,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.24.129.230","src_port":28681,"dst_port":14766,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":551,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287355840,"flow_src_last_pkt_time":320291559,"flow_dst_last_pkt_time":287355840,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.24.129.230","src_port":28681,"dst_port":14766,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":551,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287355840,"flow_src_last_pkt_time":320291559,"flow_dst_last_pkt_time":287355840,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.24.129.230","src_port":28681,"dst_port":14766,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":555,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356336,"flow_src_last_pkt_time":320291809,"flow_dst_last_pkt_time":287356336,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.26.16","src_port":28681,"dst_port":20387,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":555,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356336,"flow_src_last_pkt_time":320291809,"flow_dst_last_pkt_time":287356336,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.26.16","src_port":28681,"dst_port":20387,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":555,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356336,"flow_src_last_pkt_time":320291809,"flow_dst_last_pkt_time":287356336,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.26.16","src_port":28681,"dst_port":20387,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":8,"flow_first_seen":90072798,"flow_src_last_pkt_time":320293489,"flow_dst_last_pkt_time":287667256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":779,"flow_dst_tot_l4_payload_len":4554,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":538,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340413,"flow_src_last_pkt_time":320290815,"flow_dst_last_pkt_time":287340413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.41.253","src_port":28681,"dst_port":14339,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01061{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":8,"flow_first_seen":90072798,"flow_src_last_pkt_time":320293489,"flow_dst_last_pkt_time":287667256,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":779,"flow_dst_tot_l4_payload_len":4554,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":538,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340413,"flow_src_last_pkt_time":320290815,"flow_dst_last_pkt_time":287340413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.41.253","src_port":28681,"dst_port":14339,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":538,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340413,"flow_src_last_pkt_time":320290815,"flow_dst_last_pkt_time":287340413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.41.253","src_port":28681,"dst_port":14339,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":536,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340201,"flow_src_last_pkt_time":320290703,"flow_dst_last_pkt_time":287340201,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.167.222.160","src_port":28681,"dst_port":56121,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":536,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340201,"flow_src_last_pkt_time":320290703,"flow_dst_last_pkt_time":287340201,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.167.222.160","src_port":28681,"dst_port":56121,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":536,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340201,"flow_src_last_pkt_time":320290703,"flow_dst_last_pkt_time":287340201,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.167.222.160","src_port":28681,"dst_port":56121,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":558,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356722,"flow_src_last_pkt_time":320292178,"flow_dst_last_pkt_time":287356722,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.105.52.2","src_port":28681,"dst_port":6466,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":558,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356722,"flow_src_last_pkt_time":320292178,"flow_dst_last_pkt_time":287356722,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.105.52.2","src_port":28681,"dst_port":6466,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":558,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356722,"flow_src_last_pkt_time":320292178,"flow_dst_last_pkt_time":287356722,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.105.52.2","src_port":28681,"dst_port":6466,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":556,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356436,"flow_src_last_pkt_time":320292020,"flow_dst_last_pkt_time":287356436,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.104.173.5","src_port":28681,"dst_port":49787,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":556,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356436,"flow_src_last_pkt_time":320292020,"flow_dst_last_pkt_time":287356436,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.104.173.5","src_port":28681,"dst_port":49787,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":556,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356436,"flow_src_last_pkt_time":320292020,"flow_dst_last_pkt_time":287356436,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.104.173.5","src_port":28681,"dst_port":49787,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":560,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356915,"flow_src_last_pkt_time":320292278,"flow_dst_last_pkt_time":287356915,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":28681,"dst_port":53883,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":560,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356915,"flow_src_last_pkt_time":320292278,"flow_dst_last_pkt_time":287356915,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":28681,"dst_port":53883,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":560,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356915,"flow_src_last_pkt_time":320292278,"flow_dst_last_pkt_time":287356915,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":28681,"dst_port":53883,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":559,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356820,"flow_src_last_pkt_time":320292204,"flow_dst_last_pkt_time":287356820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":55080,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":559,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356820,"flow_src_last_pkt_time":320292204,"flow_dst_last_pkt_time":287356820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":55080,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":559,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356820,"flow_src_last_pkt_time":320292204,"flow_dst_last_pkt_time":287356820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":55080,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":529,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287338845,"flow_src_last_pkt_time":320290433,"flow_dst_last_pkt_time":287338845,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.241.162.162","src_port":28681,"dst_port":57929,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":529,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287338845,"flow_src_last_pkt_time":320290433,"flow_dst_last_pkt_time":287338845,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.241.162.162","src_port":28681,"dst_port":57929,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":529,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287338845,"flow_src_last_pkt_time":320290433,"flow_dst_last_pkt_time":287338845,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.241.162.162","src_port":28681,"dst_port":57929,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":539,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340558,"flow_src_last_pkt_time":320290853,"flow_dst_last_pkt_time":287340558,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.14.143.237","src_port":28681,"dst_port":7510,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":539,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340558,"flow_src_last_pkt_time":320290853,"flow_dst_last_pkt_time":287340558,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.14.143.237","src_port":28681,"dst_port":7510,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":539,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340558,"flow_src_last_pkt_time":320290853,"flow_dst_last_pkt_time":287340558,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.14.143.237","src_port":28681,"dst_port":7510,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":545,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287341361,"flow_src_last_pkt_time":320291262,"flow_dst_last_pkt_time":287341361,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.49.159.77","src_port":28681,"dst_port":55915,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":545,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287341361,"flow_src_last_pkt_time":320291262,"flow_dst_last_pkt_time":287341361,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.49.159.77","src_port":28681,"dst_port":55915,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":545,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287341361,"flow_src_last_pkt_time":320291262,"flow_dst_last_pkt_time":287341361,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"116.49.159.77","src_port":28681,"dst_port":55915,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":664,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287573220,"flow_src_last_pkt_time":320293048,"flow_dst_last_pkt_time":287573220,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.163","src_port":28681,"dst_port":6594,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":664,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287573220,"flow_src_last_pkt_time":320293048,"flow_dst_last_pkt_time":287573220,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.163","src_port":28681,"dst_port":6594,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":664,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287573220,"flow_src_last_pkt_time":320293048,"flow_dst_last_pkt_time":287573220,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.163","src_port":28681,"dst_port":6594,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":554,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356242,"flow_src_last_pkt_time":320291740,"flow_dst_last_pkt_time":287356242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.203.72.224","src_port":28681,"dst_port":55577,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":554,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356242,"flow_src_last_pkt_time":320291740,"flow_dst_last_pkt_time":287356242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.203.72.224","src_port":28681,"dst_port":55577,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":554,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356242,"flow_src_last_pkt_time":320291740,"flow_dst_last_pkt_time":287356242,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.203.72.224","src_port":28681,"dst_port":55577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":528,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287338641,"flow_src_last_pkt_time":320290371,"flow_dst_last_pkt_time":287338641,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":28681,"dst_port":58442,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":528,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287338641,"flow_src_last_pkt_time":320290371,"flow_dst_last_pkt_time":287338641,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":28681,"dst_port":58442,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":528,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287338641,"flow_src_last_pkt_time":320290371,"flow_dst_last_pkt_time":287338641,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.168.15.71","src_port":28681,"dst_port":58442,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":537,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340314,"flow_src_last_pkt_time":320290768,"flow_dst_last_pkt_time":287340314,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.200.235","src_port":28681,"dst_port":2034,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":537,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340314,"flow_src_last_pkt_time":320290768,"flow_dst_last_pkt_time":287340314,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.200.235","src_port":28681,"dst_port":2034,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":537,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340314,"flow_src_last_pkt_time":320290768,"flow_dst_last_pkt_time":287340314,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.200.235","src_port":28681,"dst_port":2034,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":535,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340060,"flow_src_last_pkt_time":320290682,"flow_dst_last_pkt_time":287340060,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":28681,"dst_port":10655,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":535,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340060,"flow_src_last_pkt_time":320290682,"flow_dst_last_pkt_time":287340060,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":28681,"dst_port":10655,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":535,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340060,"flow_src_last_pkt_time":320290682,"flow_dst_last_pkt_time":287340060,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":28681,"dst_port":10655,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":532,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287339383,"flow_src_last_pkt_time":320290529,"flow_dst_last_pkt_time":287339383,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":28681,"dst_port":10677,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":532,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287339383,"flow_src_last_pkt_time":320290529,"flow_dst_last_pkt_time":287339383,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":28681,"dst_port":10677,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":532,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287339383,"flow_src_last_pkt_time":320290529,"flow_dst_last_pkt_time":287339383,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":28681,"dst_port":10677,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":696,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287635205,"flow_src_last_pkt_time":320293343,"flow_dst_last_pkt_time":287635205,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.189.72.230","src_port":28681,"dst_port":8161,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":696,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287635205,"flow_src_last_pkt_time":320293343,"flow_dst_last_pkt_time":287635205,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.189.72.230","src_port":28681,"dst_port":8161,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":696,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287635205,"flow_src_last_pkt_time":320293343,"flow_dst_last_pkt_time":287635205,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.189.72.230","src_port":28681,"dst_port":8161,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":552,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356009,"flow_src_last_pkt_time":320291601,"flow_dst_last_pkt_time":287356009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.250.6.59","src_port":28681,"dst_port":60012,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":552,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356009,"flow_src_last_pkt_time":320291601,"flow_dst_last_pkt_time":287356009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.250.6.59","src_port":28681,"dst_port":60012,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":552,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356009,"flow_src_last_pkt_time":320291601,"flow_dst_last_pkt_time":287356009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.250.6.59","src_port":28681,"dst_port":60012,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":543,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340969,"flow_src_last_pkt_time":320291125,"flow_dst_last_pkt_time":287340969,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.39.159.60","src_port":28681,"dst_port":56896,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":543,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340969,"flow_src_last_pkt_time":320291125,"flow_dst_last_pkt_time":287340969,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.39.159.60","src_port":28681,"dst_port":56896,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":543,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340969,"flow_src_last_pkt_time":320291125,"flow_dst_last_pkt_time":287340969,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.39.159.60","src_port":28681,"dst_port":56896,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":557,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356560,"flow_src_last_pkt_time":320292115,"flow_dst_last_pkt_time":287356560,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.222.160.99","src_port":28681,"dst_port":53163,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":557,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356560,"flow_src_last_pkt_time":320292115,"flow_dst_last_pkt_time":287356560,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.222.160.99","src_port":28681,"dst_port":53163,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":557,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287356560,"flow_src_last_pkt_time":320292115,"flow_dst_last_pkt_time":287356560,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.222.160.99","src_port":28681,"dst_port":53163,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":561,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287357051,"flow_src_last_pkt_time":320292316,"flow_dst_last_pkt_time":287357051,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":28681,"dst_port":57466,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":561,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287357051,"flow_src_last_pkt_time":320292316,"flow_dst_last_pkt_time":287357051,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":28681,"dst_port":57466,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":561,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287357051,"flow_src_last_pkt_time":320292316,"flow_dst_last_pkt_time":287357051,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.238.173.128","src_port":28681,"dst_port":57466,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":541,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340758,"flow_src_last_pkt_time":320290989,"flow_dst_last_pkt_time":287340758,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":28681,"dst_port":11141,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":541,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340758,"flow_src_last_pkt_time":320290989,"flow_dst_last_pkt_time":287340758,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":28681,"dst_port":11141,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":541,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340758,"flow_src_last_pkt_time":320290989,"flow_dst_last_pkt_time":287340758,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":28681,"dst_port":11141,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":547,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287341591,"flow_src_last_pkt_time":320291446,"flow_dst_last_pkt_time":287341591,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":43316,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":547,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287341591,"flow_src_last_pkt_time":320291446,"flow_dst_last_pkt_time":287341591,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":43316,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":547,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287341591,"flow_src_last_pkt_time":320291446,"flow_dst_last_pkt_time":287341591,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":43316,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":530,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287339043,"flow_src_last_pkt_time":320290446,"flow_dst_last_pkt_time":287339043,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.167.248.220","src_port":28681,"dst_port":59304,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":530,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287339043,"flow_src_last_pkt_time":320290446,"flow_dst_last_pkt_time":287339043,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.167.248.220","src_port":28681,"dst_port":59304,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":530,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287339043,"flow_src_last_pkt_time":320290446,"flow_dst_last_pkt_time":287339043,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.167.248.220","src_port":28681,"dst_port":59304,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":540,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340655,"flow_src_last_pkt_time":320290899,"flow_dst_last_pkt_time":287340655,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.236.203.37","src_port":28681,"dst_port":52131,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":540,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340655,"flow_src_last_pkt_time":320290899,"flow_dst_last_pkt_time":287340655,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.236.203.37","src_port":28681,"dst_port":52131,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":540,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287340655,"flow_src_last_pkt_time":320290899,"flow_dst_last_pkt_time":287340655,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.236.203.37","src_port":28681,"dst_port":52131,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":754,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":355387386,"flow_src_last_pkt_time":355387386,"flow_dst_last_pkt_time":355387386,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.125.218.84","src_port":28681,"dst_port":17561,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":759,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":400872943,"flow_src_last_pkt_time":400872943,"flow_dst_last_pkt_time":400901727,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":40,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":40,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00881{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":400018839,"flow_src_last_pkt_time":403044600,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":50213,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":759,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":400872943,"flow_src_last_pkt_time":400872943,"flow_dst_last_pkt_time":400901727,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":40,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":40,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00924{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":400018839,"flow_src_last_pkt_time":403044600,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":50213,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":485,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":253025155,"flow_src_last_pkt_time":433136626,"flow_dst_last_pkt_time":253025155,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.209","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":486,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":253025433,"flow_src_last_pkt_time":493283576,"flow_dst_last_pkt_time":253025433,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.68.45.203","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":6990,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":400,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251734977,"flow_src_last_pkt_time":381404139,"flow_dst_last_pkt_time":251734977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":505793861,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"129.45.47.167","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -5976,7 +5976,7 @@ 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7079,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":750,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":312956768,"flow_src_last_pkt_time":493286206,"flow_dst_last_pkt_time":312956768,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":515909279,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.159.27.22","src_port":28681,"dst_port":17563,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":7120,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":794,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":520019755,"flow_src_last_pkt_time":520019755,"flow_dst_last_pkt_time":520019755,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":174,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":520019755,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":50214,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00715{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7120,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":794,"flow_packet_id":1,"flow_src_last_pkt_time":520019755,"flow_dst_last_pkt_time":520019755,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":216,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":216,"pkt_l4_len":182,"thread_ts_usec":520019755,"pkt":"AQBef\/\/6CAAn5uVZCABFAADK4LsAAAER3F4KAAIP7\/\/\/+sQmB2wAtikITS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANCk1BTjogInNzZHA6ZGlzY292ZXIiDQpNWDogMQ0KU1Q6IHVybjpkaWFsLW11bHRpc2NyZWVuLW9yZzpzZXJ2aWNlOmRpYWw6MQ0KVVNFUi1BR0VOVDogTWljcm9zb2Z0IEVkZ2UvOTkuMC4xMTUwLjMwIFdpbmRvd3MNCg0K"} -00874{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":7120,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":794,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":520019755,"flow_src_last_pkt_time":520019755,"flow_dst_last_pkt_time":520019755,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":174,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":520019755,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":50214,"dst_port":1900,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"239.255.255.250:1900"}} +00917{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":7120,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":794,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":520019755,"flow_src_last_pkt_time":520019755,"flow_dst_last_pkt_time":520019755,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":174,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":520019755,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":50214,"dst_port":1900,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"239.255.255.250:1900"}} 00715{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7131,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":794,"flow_packet_id":2,"flow_src_last_pkt_time":521048856,"flow_dst_last_pkt_time":520019755,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":216,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":216,"pkt_l4_len":182,"thread_ts_usec":521048856,"pkt":"AQBef\/\/6CAAn5uVZCABFAADK4LwAAAER3F0KAAIP7\/\/\/+sQmB2wAtikITS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANCk1BTjogInNzZHA6ZGlzY292ZXIiDQpNWDogMQ0KU1Q6IHVybjpkaWFsLW11bHRpc2NyZWVuLW9yZzpzZXJ2aWNlOmRpYWw6MQ0KVVNFUi1BR0VOVDogTWljcm9zb2Z0IEVkZ2UvOTkuMC4xMTUwLjMwIFdpbmRvd3MNCg0K"} 00715{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7141,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":794,"flow_packet_id":3,"flow_src_last_pkt_time":522076302,"flow_dst_last_pkt_time":520019755,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":216,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":216,"pkt_l4_len":182,"thread_ts_usec":522076302,"pkt":"AQBef\/\/6CAAn5uVZCABFAADK4L0AAAER3FwKAAIP7\/\/\/+sQmB2wAtikITS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANCk1BTjogInNzZHA6ZGlzY292ZXIiDQpNWDogMQ0KU1Q6IHVybjpkaWFsLW11bHRpc2NyZWVuLW9yZzpzZXJ2aWNlOmRpYWw6MQ0KVVNFUi1BR0VOVDogTWljcm9zb2Z0IEVkZ2UvOTkuMC4xMTUwLjMwIFdpbmRvd3MNCg0K"} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7179,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72852470,"flow_src_last_pkt_time":431829020,"flow_dst_last_pkt_time":72852470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":526127228,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -5999,15 +5999,15 @@ 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7179,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":72853009,"flow_src_last_pkt_time":431831362,"flow_dst_last_pkt_time":72853009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":526127228,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.65.70.197","src_port":28681,"dst_port":21693,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7179,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":71539473,"flow_src_last_pkt_time":431828596,"flow_dst_last_pkt_time":71539473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":526127228,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.169.2.153","src_port":28681,"dst_port":52414,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7179,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":72853538,"flow_src_last_pkt_time":493285220,"flow_dst_last_pkt_time":72853538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":526127228,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.197.111.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00846{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7179,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":783,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490916095,"flow_src_last_pkt_time":490916095,"flow_dst_last_pkt_time":490916095,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":526127228,"l3_proto":"ip4","src_ip":"65.182.231.232","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00889{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7179,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":783,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490916095,"flow_src_last_pkt_time":490916095,"flow_dst_last_pkt_time":490916095,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":526127228,"l3_proto":"ip4","src_ip":"65.182.231.232","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7179,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":756,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":373494060,"flow_src_last_pkt_time":491977146,"flow_dst_last_pkt_time":373494060,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":526127228,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.100.68.255","src_port":28681,"dst_port":12838,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7179,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":70230689,"flow_src_last_pkt_time":493284992,"flow_dst_last_pkt_time":70230689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":526127228,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.131.85.245","src_port":28681,"dst_port":31743,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7179,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":72853189,"flow_src_last_pkt_time":493283376,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":526127228,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"167.114.170.156","src_port":28681,"dst_port":23844,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":754,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":355387386,"flow_src_last_pkt_time":355387386,"flow_dst_last_pkt_time":355387386,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.125.218.84","src_port":28681,"dst_port":17561,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":754,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":355387386,"flow_src_last_pkt_time":355387386,"flow_dst_last_pkt_time":355387386,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.125.218.84","src_port":28681,"dst_port":17561,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":754,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":355387386,"flow_src_last_pkt_time":355387386,"flow_dst_last_pkt_time":355387386,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.125.218.84","src_port":28681,"dst_port":17561,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":98,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":2,"flow_first_seen":71536330,"flow_src_last_pkt_time":350798579,"flow_dst_last_pkt_time":351075803,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":104,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.222.14.170","src_port":28681,"dst_port":23332,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":98,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":2,"flow_first_seen":71536330,"flow_src_last_pkt_time":350798579,"flow_dst_last_pkt_time":351075803,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":104,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.222.14.170","src_port":28681,"dst_port":23332,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":98,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":2,"flow_first_seen":71536330,"flow_src_last_pkt_time":350798579,"flow_dst_last_pkt_time":351075803,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":104,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.222.14.170","src_port":28681,"dst_port":23332,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":573,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":287424215,"flow_src_last_pkt_time":350982053,"flow_dst_last_pkt_time":351110333,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.239.173.18","src_port":28681,"dst_port":23327,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":573,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":287424215,"flow_src_last_pkt_time":350982053,"flow_dst_last_pkt_time":351110333,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.239.173.18","src_port":28681,"dst_port":23327,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":573,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":287424215,"flow_src_last_pkt_time":350982053,"flow_dst_last_pkt_time":351110333,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.239.173.18","src_port":28681,"dst_port":23327,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82059658,"flow_src_last_pkt_time":433137196,"flow_dst_last_pkt_time":82059658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.59.253.186","src_port":28681,"dst_port":15555,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":777,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490660023,"flow_src_last_pkt_time":490660023,"flow_dst_last_pkt_time":490843482,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.244.211.43","src_port":28681,"dst_port":23459,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -6023,7 +6023,7 @@ 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":779,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":490660023,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.65.217.224","src_port":28681,"dst_port":18381,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00737{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":768,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490658810,"flow_src_last_pkt_time":490658810,"flow_dst_last_pkt_time":490991311,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":37058,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00739{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":765,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":487301830,"flow_src_last_pkt_time":487301830,"flow_dst_last_pkt_time":490657488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":278,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":278,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01003{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":760,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431178093,"flow_src_last_pkt_time":431178093,"flow_dst_last_pkt_time":431178093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":201,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} +01046{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":760,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431178093,"flow_src_last_pkt_time":431178093,"flow_dst_last_pkt_time":431178093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":201,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":191,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82063378,"flow_src_last_pkt_time":371839164,"flow_dst_last_pkt_time":82063378,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.153.143.54","src_port":28681,"dst_port":65535,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":172,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82060552,"flow_src_last_pkt_time":493285649,"flow_dst_last_pkt_time":82060552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.69.142.133","src_port":28681,"dst_port":15471,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":187,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":82062863,"flow_src_last_pkt_time":433134887,"flow_dst_last_pkt_time":82062863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.88.92.56","src_port":28681,"dst_port":21009,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -6055,20 +6055,20 @@ 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82058413,"flow_src_last_pkt_time":491980468,"flow_dst_last_pkt_time":82058413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.166.226.70","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":780,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":490660023,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.66.94.132","src_port":28681,"dst_port":17735,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7268,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":761,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431829260,"flow_src_last_pkt_time":431829260,"flow_dst_last_pkt_time":431829260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":536329689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.132.75.56","src_port":28681,"dst_port":56009,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":383,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":243617373,"flow_src_last_pkt_time":365428420,"flow_dst_last_pkt_time":365474471,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":77,"flow_src_tot_l4_payload_len":113,"flow_dst_tot_l4_payload_len":186,"midstream":0,"thread_ts_usec":545788264,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.71.243.60","src_port":28681,"dst_port":34498,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":383,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":243617373,"flow_src_last_pkt_time":365428420,"flow_dst_last_pkt_time":365474471,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":77,"flow_src_tot_l4_payload_len":113,"flow_dst_tot_l4_payload_len":186,"midstream":0,"thread_ts_usec":545788264,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.71.243.60","src_port":28681,"dst_port":34498,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":383,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":243617373,"flow_src_last_pkt_time":365428420,"flow_dst_last_pkt_time":365474471,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":56,"flow_dst_max_l4_payload_len":77,"flow_src_tot_l4_payload_len":113,"flow_dst_tot_l4_payload_len":186,"midstream":0,"thread_ts_usec":545788264,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.71.243.60","src_port":28681,"dst_port":34498,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":787,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287114,"flow_src_last_pkt_time":493287114,"flow_dst_last_pkt_time":493287114,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":545788264,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.133.122.217","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":793,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288490,"flow_src_last_pkt_time":493288490,"flow_dst_last_pkt_time":493288490,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":545788264,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":784,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":491496121,"flow_src_last_pkt_time":491496121,"flow_dst_last_pkt_time":491496121,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":545788264,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"23.19.141.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":792,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288388,"flow_src_last_pkt_time":493288388,"flow_dst_last_pkt_time":493288388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":545788264,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.213.146","src_port":28681,"dst_port":21750,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":757,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":399168972,"flow_src_last_pkt_time":399168972,"flow_dst_last_pkt_time":399265426,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":40,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":40,"midstream":0,"thread_ts_usec":545788264,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":757,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":399168972,"flow_src_last_pkt_time":399168972,"flow_dst_last_pkt_time":399265426,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":40,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":40,"midstream":0,"thread_ts_usec":545788264,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":786,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493286950,"flow_src_last_pkt_time":493286950,"flow_dst_last_pkt_time":493286950,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":545788264,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.38.9.82","src_port":28681,"dst_port":24223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":788,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287365,"flow_src_last_pkt_time":493287365,"flow_dst_last_pkt_time":493287365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":545788264,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.134.167.82","src_port":28681,"dst_port":5820,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":789,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287531,"flow_src_last_pkt_time":493287531,"flow_dst_last_pkt_time":493287531,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":545788264,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.98.115.128","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":790,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288007,"flow_src_last_pkt_time":493288007,"flow_dst_last_pkt_time":493288007,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":545788264,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.39.233","src_port":28681,"dst_port":20855,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":785,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493286408,"flow_src_last_pkt_time":493286408,"flow_dst_last_pkt_time":493286408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":545788264,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.134.139.39","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":791,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288174,"flow_src_last_pkt_time":493288174,"flow_dst_last_pkt_time":493288174,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":545788264,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":3,"flow_first_seen":95716226,"flow_src_last_pkt_time":426377575,"flow_dst_last_pkt_time":426518025,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":61,"flow_src_tot_l4_payload_len":194,"flow_dst_tot_l4_payload_len":165,"midstream":0,"thread_ts_usec":545788264,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7351,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":3,"flow_first_seen":95716226,"flow_src_last_pkt_time":426377575,"flow_dst_last_pkt_time":426518025,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":61,"flow_src_tot_l4_payload_len":194,"flow_dst_tot_l4_payload_len":165,"midstream":0,"thread_ts_usec":545788264,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7364,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":768,"flow_packet_id":3,"flow_src_last_pkt_time":548240082,"flow_dst_last_pkt_time":490991311,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":71,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":71,"pkt_l4_len":37,"thread_ts_usec":548240082,"pkt":"UlQAEjUCCAAn5uVZCABFAAA5ti0AAIARacoKAAIPDsj\/5XAJkMIAJToVhUMxAqfmQqb\/HOa6fwGLAwABAAYAAADDg0dVRUA="} 00516{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7366,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":772,"flow_packet_id":2,"flow_src_last_pkt_time":551701186,"flow_dst_last_pkt_time":490659611,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":551701186,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4XBwAAIARoNwKAAIPScDn7XAJJcwAJGCkrTAxAgWSHsf\/H7IG115yAwABAAUAAADDglFLQA=="} 00517{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7367,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":774,"flow_packet_id":2,"flow_src_last_pkt_time":551702643,"flow_dst_last_pkt_time":490659991,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":551702643,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4f\/IAAIARjeQKAAIPMjrulXAJGccAJJQX7RsxAlRaYer\/KFqb61nNAwABAAUAAADDglFLQA=="} @@ -6086,28 +6086,28 @@ 00509{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7398,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":796,"flow_packet_id":1,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":551892012,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":551892012,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0J3oAAIARnW8KAAIPKfk\/yHAJWDYAIF+oR05EEECHAQFUC1FLUlAGUk5BXS\/iNQlw"} 00697{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":7403,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":797,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":552011039,"flow_src_last_pkt_time":552011039,"flow_dst_last_pkt_time":552011039,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":60,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":60,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":552011039,"l3_proto":"ip4","src_ip":"154.3.42.209","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3} 00549{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7403,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":797,"flow_packet_id":1,"flow_src_last_pkt_time":552011039,"flow_dst_last_pkt_time":552011039,"flow_idle_time":140000000,"pkt_oversize":false,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":94,"pkt_l4_len":60,"thread_ts_usec":552011039,"pkt":"CAAn5uVZUlQAEjUCCABFwABQEicAAH8BV+OaAyrRCgACDwMDzhEAAAAARQAANH78AAB\/EevZCgACD5oDKtFwCRjKACBD\/UdORBBAiwEBVAtRS1JQBlJOQV0v4jUJcA=="} -00822{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":7403,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":797,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":552011039,"flow_src_last_pkt_time":552011039,"flow_dst_last_pkt_time":552011039,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":60,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":60,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":552011039,"l3_proto":"ip4","src_ip":"154.3.42.209","dst_ip":"10.0.2.15","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":5.209868}} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7421,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":195,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82063897,"flow_src_last_pkt_time":373495642,"flow_dst_last_pkt_time":82063897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":554967545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"177.231.151.16","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00865{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":7403,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":797,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":552011039,"flow_src_last_pkt_time":552011039,"flow_dst_last_pkt_time":552011039,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":60,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":60,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":552011039,"l3_proto":"ip4","src_ip":"154.3.42.209","dst_ip":"10.0.2.15","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":5.209868}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7421,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":195,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82063897,"flow_src_last_pkt_time":373495642,"flow_dst_last_pkt_time":82063897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":554967545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"177.231.151.16","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7421,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":195,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82063897,"flow_src_last_pkt_time":373495642,"flow_dst_last_pkt_time":82063897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":554967545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"177.231.151.16","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7421,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":191,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82063378,"flow_src_last_pkt_time":371839164,"flow_dst_last_pkt_time":82063378,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":554967545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.153.143.54","src_port":28681,"dst_port":65535,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7421,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":191,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82063378,"flow_src_last_pkt_time":371839164,"flow_dst_last_pkt_time":82063378,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":554967545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.153.143.54","src_port":28681,"dst_port":65535,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7421,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":191,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":82063378,"flow_src_last_pkt_time":371839164,"flow_dst_last_pkt_time":82063378,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":554967545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.153.143.54","src_port":28681,"dst_port":65535,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7421,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":200,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82064863,"flow_src_last_pkt_time":373495794,"flow_dst_last_pkt_time":82064863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":554967545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"138.199.16.123","src_port":28681,"dst_port":52993,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7421,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":200,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82064863,"flow_src_last_pkt_time":373495794,"flow_dst_last_pkt_time":82064863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":554967545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"138.199.16.123","src_port":28681,"dst_port":52993,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7421,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":200,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82064863,"flow_src_last_pkt_time":373495794,"flow_dst_last_pkt_time":82064863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":554967545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"138.199.16.123","src_port":28681,"dst_port":52993,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01016{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7421,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":759,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":400872943,"flow_src_last_pkt_time":400872943,"flow_dst_last_pkt_time":400901727,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":40,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":40,"midstream":0,"thread_ts_usec":554967545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00881{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7421,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":400018839,"flow_src_last_pkt_time":403044600,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":554967545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":50213,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +01059{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7421,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":759,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":400872943,"flow_src_last_pkt_time":400872943,"flow_dst_last_pkt_time":400901727,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":40,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":40,"midstream":0,"thread_ts_usec":554967545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00924{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7421,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":400018839,"flow_src_last_pkt_time":403044600,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":554967545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":50213,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7421,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":485,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":253025155,"flow_src_last_pkt_time":551892013,"flow_dst_last_pkt_time":253025155,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":554967545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.209","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7421,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":486,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":253025433,"flow_src_last_pkt_time":553212612,"flow_dst_last_pkt_time":253025433,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":554967545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.68.45.203","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7421,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":400,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251734977,"flow_src_last_pkt_time":381404139,"flow_dst_last_pkt_time":251734977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":554967545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"129.45.47.167","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7429,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":400,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251734977,"flow_src_last_pkt_time":381404139,"flow_dst_last_pkt_time":251734977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":568531706,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"129.45.47.167","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7429,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":400,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251734977,"flow_src_last_pkt_time":381404139,"flow_dst_last_pkt_time":251734977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":568531706,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"129.45.47.167","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7429,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":400,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":251734977,"flow_src_last_pkt_time":381404139,"flow_dst_last_pkt_time":251734977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":568531706,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"129.45.47.167","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7429,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":751,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":312956911,"flow_src_last_pkt_time":493286521,"flow_dst_last_pkt_time":312956911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":568531706,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00731{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7429,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":749,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":312956203,"flow_src_last_pkt_time":493285407,"flow_dst_last_pkt_time":312956203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":568531706,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.8.59.80","src_port":28681,"dst_port":35192,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7429,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":752,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":312957456,"flow_src_last_pkt_time":553212469,"flow_dst_last_pkt_time":312957456,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":568531706,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.115.218.152","src_port":28681,"dst_port":5900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00881{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7429,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":794,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":520019755,"flow_src_last_pkt_time":523077357,"flow_dst_last_pkt_time":520019755,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":568531706,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":50214,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00924{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7429,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":794,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":520019755,"flow_src_last_pkt_time":523077357,"flow_dst_last_pkt_time":520019755,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":568531706,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":50214,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7429,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":750,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":312956768,"flow_src_last_pkt_time":553212305,"flow_dst_last_pkt_time":312956768,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":568531706,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.159.27.22","src_port":28681,"dst_port":17563,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00846{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7429,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":783,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490916095,"flow_src_last_pkt_time":490916095,"flow_dst_last_pkt_time":490916095,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":568531706,"l3_proto":"ip4","src_ip":"65.182.231.232","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01014{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7439,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":759,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":400872943,"flow_src_last_pkt_time":400872943,"flow_dst_last_pkt_time":400901727,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":40,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":40,"midstream":0,"thread_ts_usec":581778930,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01013{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7439,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":757,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":399168972,"flow_src_last_pkt_time":399168972,"flow_dst_last_pkt_time":399265426,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":40,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":40,"midstream":0,"thread_ts_usec":581778930,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00889{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7429,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":783,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490916095,"flow_src_last_pkt_time":490916095,"flow_dst_last_pkt_time":490916095,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":568531706,"l3_proto":"ip4","src_ip":"65.182.231.232","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01057{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7439,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":759,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":400872943,"flow_src_last_pkt_time":400872943,"flow_dst_last_pkt_time":400901727,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":40,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":40,"midstream":0,"thread_ts_usec":581778930,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01056{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7439,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":757,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":399168972,"flow_src_last_pkt_time":399168972,"flow_dst_last_pkt_time":399265426,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":40,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":40,"midstream":0,"thread_ts_usec":581778930,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00730{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7439,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72852470,"flow_src_last_pkt_time":431829020,"flow_dst_last_pkt_time":72852470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":581778930,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7439,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72850420,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":72850420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":581778930,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.141.219.27","src_port":28681,"dst_port":37580,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7439,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82059658,"flow_src_last_pkt_time":433137196,"flow_dst_last_pkt_time":82059658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":581778930,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.59.253.186","src_port":28681,"dst_port":15555,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -6124,7 +6124,7 @@ 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7439,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":779,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702875,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":581778930,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.65.217.224","src_port":28681,"dst_port":18381,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00738{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7439,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":768,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":490658810,"flow_src_last_pkt_time":548240082,"flow_dst_last_pkt_time":548572473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":78,"flow_src_tot_l4_payload_len":57,"flow_dst_tot_l4_payload_len":124,"midstream":0,"thread_ts_usec":581778930,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":37058,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00739{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7439,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":765,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":487301830,"flow_src_last_pkt_time":487301830,"flow_dst_last_pkt_time":490657488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":278,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":278,"midstream":0,"thread_ts_usec":581778930,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01003{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7439,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":760,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431178093,"flow_src_last_pkt_time":431178093,"flow_dst_last_pkt_time":431178093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":201,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":581778930,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} +01046{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7439,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":760,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431178093,"flow_src_last_pkt_time":431178093,"flow_dst_last_pkt_time":431178093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":201,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":581778930,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7439,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":71541038,"flow_src_last_pkt_time":553212697,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":581778930,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.100","src_port":28681,"dst_port":46385,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7439,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":71540885,"flow_src_last_pkt_time":551891417,"flow_dst_last_pkt_time":71540885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":581778930,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.120.243.143","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7439,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":172,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82060552,"flow_src_last_pkt_time":493285649,"flow_dst_last_pkt_time":82060552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":581778930,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.69.142.133","src_port":28681,"dst_port":15471,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -6173,10 +6173,10 @@ 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7439,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":780,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702853,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":581778930,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.66.94.132","src_port":28681,"dst_port":17735,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7439,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":761,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431829260,"flow_src_last_pkt_time":431829260,"flow_dst_last_pkt_time":431829260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":581778930,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.132.75.56","src_port":28681,"dst_port":56009,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7439,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":72853189,"flow_src_last_pkt_time":553212866,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":581778930,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"167.114.170.156","src_port":28681,"dst_port":23844,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00879{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7447,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":400018839,"flow_src_last_pkt_time":403044600,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":591044638,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":50213,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00922{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7447,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":400018839,"flow_src_last_pkt_time":403044600,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":591044638,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":50213,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00736{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7447,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":787,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287114,"flow_src_last_pkt_time":493287114,"flow_dst_last_pkt_time":493287114,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":591044638,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.133.122.217","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7447,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":793,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288490,"flow_src_last_pkt_time":493288490,"flow_dst_last_pkt_time":493288490,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":591044638,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00844{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7447,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":797,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":552011039,"flow_src_last_pkt_time":552011039,"flow_dst_last_pkt_time":552011039,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":60,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":60,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":591044638,"l3_proto":"ip4","src_ip":"154.3.42.209","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00887{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7447,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":797,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":552011039,"flow_src_last_pkt_time":552011039,"flow_dst_last_pkt_time":552011039,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":60,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":60,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":591044638,"l3_proto":"ip4","src_ip":"154.3.42.209","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7447,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":784,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":491496121,"flow_src_last_pkt_time":491496121,"flow_dst_last_pkt_time":491496121,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":591044638,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"23.19.141.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7447,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":792,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288388,"flow_src_last_pkt_time":493288388,"flow_dst_last_pkt_time":493288388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":591044638,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.213.146","src_port":28681,"dst_port":21750,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00732{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7447,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":786,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493286950,"flow_src_last_pkt_time":493286950,"flow_dst_last_pkt_time":493286950,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":591044638,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.38.9.82","src_port":28681,"dst_port":24223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} @@ -6185,357 +6185,357 @@ 00735{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7447,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":790,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288007,"flow_src_last_pkt_time":493288007,"flow_dst_last_pkt_time":493288007,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":591044638,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.39.233","src_port":28681,"dst_port":20855,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00734{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7447,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":785,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493286408,"flow_src_last_pkt_time":493286408,"flow_dst_last_pkt_time":493286408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":591044638,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.134.139.39","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00733{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7447,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":791,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288174,"flow_src_last_pkt_time":493288174,"flow_dst_last_pkt_time":493288174,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":591044638,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01015{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7447,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":3,"flow_first_seen":95716226,"flow_src_last_pkt_time":426377575,"flow_dst_last_pkt_time":426518025,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":61,"flow_src_tot_l4_payload_len":194,"flow_dst_tot_l4_payload_len":165,"midstream":0,"thread_ts_usec":591044638,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01058{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":7447,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":3,"flow_first_seen":95716226,"flow_src_last_pkt_time":426377575,"flow_dst_last_pkt_time":426518025,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":61,"flow_src_tot_l4_payload_len":194,"flow_dst_tot_l4_payload_len":165,"midstream":0,"thread_ts_usec":591044638,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00735{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":7482,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":798,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":595449220,"flow_src_last_pkt_time":595449220,"flow_dst_last_pkt_time":595449220,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":137,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":137,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":137,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":595449220,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63962,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 00667{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7482,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":798,"flow_packet_id":1,"flow_src_last_pkt_time":595449220,"flow_dst_last_pkt_time":595449220,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":179,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":179,"pkt_l4_len":145,"thread_ts_usec":595449220,"pkt":"AQBef\/\/6CAAn5uVZCABFAACl4L8AAAQR2X8KAAIP7\/\/\/+vnaB2wAkQ9eTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSG9zdDogMjM5LjI1NS4yNTUuMjUwOjE5MDANClNUOiB1cm46c2NoZW1hcy11cG5wLW9yZzpkZXZpY2U6SW50ZXJuZXRHYXRld2F5RGV2aWNlOjENCk1hbjogInNzZHA6ZGlzY292ZXIiDQpNWDogMw0KDQo="} -00874{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":7482,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":798,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":595449220,"flow_src_last_pkt_time":595449220,"flow_dst_last_pkt_time":595449220,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":137,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":137,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":137,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":595449220,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63962,"dst_port":1900,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"239.255.255.250:1900"}} +00917{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":7482,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":798,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":595449220,"flow_src_last_pkt_time":595449220,"flow_dst_last_pkt_time":595449220,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":137,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":137,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":137,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":595449220,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63962,"dst_port":1900,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"239.255.255.250:1900"}} 00667{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7483,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":798,"flow_packet_id":2,"flow_src_last_pkt_time":598465934,"flow_dst_last_pkt_time":595449220,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":179,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":179,"pkt_l4_len":145,"thread_ts_usec":598465934,"pkt":"AQBef\/\/6CAAn5uVZCABFAACl4MAAAAQR2X4KAAIP7\/\/\/+vnaB2wAkQ9eTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSG9zdDogMjM5LjI1NS4yNTUuMjUwOjE5MDANClNUOiB1cm46c2NoZW1hcy11cG5wLW9yZzpkZXZpY2U6SW50ZXJuZXRHYXRld2F5RGV2aWNlOjENCk1hbjogInNzZHA6ZGlzY292ZXIiDQpNWDogMw0KDQo="} 00757{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7484,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":760,"flow_packet_id":2,"flow_src_last_pkt_time":599325330,"flow_dst_last_pkt_time":431178093,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":243,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":243,"pkt_l4_len":209,"thread_ts_usec":599325330,"pkt":"\/\/\/\/\/\/\/\/CAAn5uVZCABFAADlHP8AAIARA\/wKAAIPCgAC\/wCKAIoA0XlAEQKcMQoAAg8AigC7AAAgRU5GREVGRUVFSEVGRkhFSkVPREJEQUNBQ0FDQUNBQ0EAIEZIRVBGQ0VMRUhGQ0VQRkZGQUNBQ0FDQUNBQ0FDQUJOAP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAAIQAAAAAAAAAAAOgDAAAAAAAAAAAhAFYAAwABAAAAAgAyAFxNQUlMU0xPVFxCUk9XU0UAAQCA\/AoATVNFREdFV0lOMTAAAAAAAAoAARAAAA8BVaoA"} 00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":7485,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":799,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":599415510,"flow_src_last_pkt_time":599415510,"flow_dst_last_pkt_time":599415510,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":772,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":772,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":772,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599415510,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63958,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 01537{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7485,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":799,"flow_packet_id":1,"flow_src_last_pkt_time":599415510,"flow_dst_last_pkt_time":599415510,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":834,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":834,"pkt_l4_len":780,"thread_ts_usec":599415510,"pkt":"MzMAAAAMCAAn5uVZht1gB0PFAwwRAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAAM+dYOdgMMdjk8P3htbCB2ZXJzaW9uPSIxLjAiIGVuY29kaW5nPSJ1dGYtOCI\/Pjxzb2FwOkVudmVsb3BlIHhtbG5zOnNvYXA9Imh0dHA6Ly93d3cudzMub3JnLzIwMDMvMDUvc29hcC1lbnZlbG9wZSIgeG1sbnM6d3NhPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA0LzA4L2FkZHJlc3NpbmciIHhtbG5zOndzZD0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNC9kaXNjb3ZlcnkiPjxzb2FwOkhlYWRlcj48d3NhOlRvPnVybjpzY2hlbWFzLXhtbHNvYXAtb3JnOndzOjIwMDU6MDQ6ZGlzY292ZXJ5PC93c2E6VG8+PHdzYTpBY3Rpb24+aHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNC9kaXNjb3ZlcnkvQnllPC93c2E6QWN0aW9uPjx3c2E6TWVzc2FnZUlEPnVybjp1dWlkOjk4Zjc0ZjcxLTZkZmMtNDYxMi05YzNjLTVjNTgwZWI4MzU5Njwvd3NhOk1lc3NhZ2VJRD48d3NkOkFwcFNlcXVlbmNlIEluc3RhbmNlSWQ9IjQ2IiBTZXF1ZW5jZUlkPSJ1cm46dXVpZDo3NjczODllMC1lZTlhLTRjMWMtYjkwMi0yMGNiODFkMjAzZTAiIE1lc3NhZ2VOdW1iZXI9IjUiPjwvd3NkOkFwcFNlcXVlbmNlPjwvc29hcDpIZWFkZXI+PHNvYXA6Qm9keT48d3NkOkJ5ZT48d3NhOkVuZHBvaW50UmVmZXJlbmNlPjx3c2E6QWRkcmVzcz51cm46dXVpZDo3NDdmM2Q5Ni02OGE3LTQzZjEtOGNiZS1lOGQ2ZGFkZDAzNTg8L3dzYTpBZGRyZXNzPjwvd3NhOkVuZHBvaW50UmVmZXJlbmNlPjwvd3NkOkJ5ZT48L3NvYXA6Qm9keT48L3NvYXA6RW52ZWxvcGU+"} -00849{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":7485,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":799,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":599415510,"flow_src_last_pkt_time":599415510,"flow_dst_last_pkt_time":599415510,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":772,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":772,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":772,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599415510,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63958,"dst_port":3702,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00892{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":7485,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":799,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":599415510,"flow_src_last_pkt_time":599415510,"flow_dst_last_pkt_time":599415510,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":772,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":772,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":772,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599415510,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63958,"dst_port":3702,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00735{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":7486,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":800,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":599415868,"flow_src_last_pkt_time":599415868,"flow_dst_last_pkt_time":599415868,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":772,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":772,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":772,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599415868,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63957,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} 01515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7486,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":800,"flow_packet_id":1,"flow_src_last_pkt_time":599415868,"flow_dst_last_pkt_time":599415868,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":814,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":814,"pkt_l4_len":780,"thread_ts_usec":599415868,"pkt":"AQBef\/\/6CAAn5uVZCABFAAMg4MEAAAER2gIKAAIP7\/\/\/+vnVDnYDDAYbPD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48c29hcDpFbnZlbG9wZSB4bWxuczpzb2FwPSJodHRwOi8vd3d3LnczLm9yZy8yMDAzLzA1L3NvYXAtZW52ZWxvcGUiIHhtbG5zOndzYT0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNC8wOC9hZGRyZXNzaW5nIiB4bWxuczp3c2Q9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzLzIwMDUvMDQvZGlzY292ZXJ5Ij48c29hcDpIZWFkZXI+PHdzYTpUbz51cm46c2NoZW1hcy14bWxzb2FwLW9yZzp3czoyMDA1OjA0OmRpc2NvdmVyeTwvd3NhOlRvPjx3c2E6QWN0aW9uPmh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzLzIwMDUvMDQvZGlzY292ZXJ5L0J5ZTwvd3NhOkFjdGlvbj48d3NhOk1lc3NhZ2VJRD51cm46dXVpZDo5OGY3NGY3MS02ZGZjLTQ2MTItOWMzYy01YzU4MGViODM1OTY8L3dzYTpNZXNzYWdlSUQ+PHdzZDpBcHBTZXF1ZW5jZSBJbnN0YW5jZUlkPSI0NiIgU2VxdWVuY2VJZD0idXJuOnV1aWQ6NzY3Mzg5ZTAtZWU5YS00YzFjLWI5MDItMjBjYjgxZDIwM2UwIiBNZXNzYWdlTnVtYmVyPSI1Ij48L3dzZDpBcHBTZXF1ZW5jZT48L3NvYXA6SGVhZGVyPjxzb2FwOkJvZHk+PHdzZDpCeWU+PHdzYTpFbmRwb2ludFJlZmVyZW5jZT48d3NhOkFkZHJlc3M+dXJuOnV1aWQ6NzQ3ZjNkOTYtNjhhNy00M2YxLThjYmUtZThkNmRhZGQwMzU4PC93c2E6QWRkcmVzcz48L3dzYTpFbmRwb2ludFJlZmVyZW5jZT48L3dzZDpCeWU+PC9zb2FwOkJvZHk+PC9zb2FwOkVudmVsb3BlPg=="} -00841{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":7486,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":800,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":599415868,"flow_src_last_pkt_time":599415868,"flow_dst_last_pkt_time":599415868,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":772,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":772,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":772,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599415868,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63957,"dst_port":3702,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00884{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":7486,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":800,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":599415868,"flow_src_last_pkt_time":599415868,"flow_dst_last_pkt_time":599415868,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":772,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":772,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":772,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599415868,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63957,"dst_port":3702,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00710{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":7487,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":801,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":599426218,"flow_src_last_pkt_time":599426218,"flow_dst_last_pkt_time":599426218,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599426218,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::16","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3} 00542{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7487,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":801,"flow_packet_id":1,"flow_src_last_pkt_time":599426218,"flow_dst_last_pkt_time":599426218,"flow_idle_time":140000000,"pkt_oversize":false,"pkt_caplen":90,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":62,"pkt_len":90,"pkt_l4_len":28,"thread_ts_usec":599426218,"pkt":"MzMAAAAWCAAn5uVZht1gAAAAACQAAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAAWOgAFAgAAAQCPAOKkAAAAAQMAAAD\/AgAAAAAAAAAAAAAAAAAM"} -00819{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":7487,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":801,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":599426218,"flow_src_last_pkt_time":599426218,"flow_dst_last_pkt_time":599426218,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599426218,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::16","l4_proto":"icmp6","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00862{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":7487,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":801,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":599426218,"flow_src_last_pkt_time":599426218,"flow_dst_last_pkt_time":599426218,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599426218,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::16","l4_proto":"icmp6","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 01537{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7488,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":799,"flow_packet_id":2,"flow_src_last_pkt_time":599529292,"flow_dst_last_pkt_time":599415510,"flow_idle_time":200000000,"pkt_oversize":false,"pkt_caplen":834,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":834,"pkt_l4_len":780,"thread_ts_usec":599529292,"pkt":"MzMAAAAMCAAn5uVZht1gB0PFAwwRAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAAM+dYOdgMMdjk8P3htbCB2ZXJzaW9uPSIxLjAiIGVuY29kaW5nPSJ1dGYtOCI\/Pjxzb2FwOkVudmVsb3BlIHhtbG5zOnNvYXA9Imh0dHA6Ly93d3cudzMub3JnLzIwMDMvMDUvc29hcC1lbnZlbG9wZSIgeG1sbnM6d3NhPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA0LzA4L2FkZHJlc3NpbmciIHhtbG5zOndzZD0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNC9kaXNjb3ZlcnkiPjxzb2FwOkhlYWRlcj48d3NhOlRvPnVybjpzY2hlbWFzLXhtbHNvYXAtb3JnOndzOjIwMDU6MDQ6ZGlzY292ZXJ5PC93c2E6VG8+PHdzYTpBY3Rpb24+aHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNC9kaXNjb3ZlcnkvQnllPC93c2E6QWN0aW9uPjx3c2E6TWVzc2FnZUlEPnVybjp1dWlkOjk4Zjc0ZjcxLTZkZmMtNDYxMi05YzNjLTVjNTgwZWI4MzU5Njwvd3NhOk1lc3NhZ2VJRD48d3NkOkFwcFNlcXVlbmNlIEluc3RhbmNlSWQ9IjQ2IiBTZXF1ZW5jZUlkPSJ1cm46dXVpZDo3NjczODllMC1lZTlhLTRjMWMtYjkwMi0yMGNiODFkMjAzZTAiIE1lc3NhZ2VOdW1iZXI9IjUiPjwvd3NkOkFwcFNlcXVlbmNlPjwvc29hcDpIZWFkZXI+PHNvYXA6Qm9keT48d3NkOkJ5ZT48d3NhOkVuZHBvaW50UmVmZXJlbmNlPjx3c2E6QWRkcmVzcz51cm46dXVpZDo3NDdmM2Q5Ni02OGE3LTQzZjEtOGNiZS1lOGQ2ZGFkZDAzNTg8L3dzYTpBZGRyZXNzPjwvd3NhOkVuZHBvaW50UmVmZXJlbmNlPjwvd3NkOkJ5ZT48L3NvYXA6Qm9keT48L3NvYXA6RW52ZWxvcGU+"} 00542{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7489,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":801,"flow_packet_id":2,"flow_src_last_pkt_time":599747316,"flow_dst_last_pkt_time":599426218,"flow_idle_time":140000000,"pkt_oversize":false,"pkt_caplen":90,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":62,"pkt_len":90,"pkt_l4_len":28,"thread_ts_usec":599747316,"pkt":"MzMAAAAWCAAn5uVZht1gAAAAACQAAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAAAWOgAFAgAAAQCPAOKkAAAAAQMAAAD\/AgAAAAAAAAAAAAAAAAAM"} -00575{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":7490,"source":"gnutella.pcap","alias":"nDPId-test","packets-captured":7490,"packets-processed":7468,"total-skipped-flows":0,"total-l4-payload-len":3617715,"total-not-detected-flows":474,"total-guessed-flows":6,"total-detected-flows":170,"total-detection-updates":5,"total-updates":2555,"current-active-flows":169,"total-active-flows":801,"total-idle-flows":632,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":6205,"global_ts_usec":600247140} -00768{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":52,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65062972,"flow_src_last_pkt_time":74093030,"flow_dst_last_pkt_time":65062972,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.17.124.40","src_port":50212,"dst_port":6776,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00575{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":7490,"source":"gnutella.pcap","alias":"nDPId-test","packets-captured":7490,"packets-processed":7468,"total-skipped-flows":0,"total-l4-payload-len":3617715,"total-not-detected-flows":475,"total-guessed-flows":1,"total-detected-flows":174,"total-detection-updates":5,"total-updates":2555,"current-active-flows":169,"total-active-flows":801,"total-idle-flows":632,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":6205,"global_ts_usec":600247140} +00811{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":52,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65062972,"flow_src_last_pkt_time":74093030,"flow_dst_last_pkt_time":65062972,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.17.124.40","src_port":50212,"dst_port":6776,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00724{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":52,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65062972,"flow_src_last_pkt_time":74093030,"flow_dst_last_pkt_time":65062972,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.17.124.40","src_port":50212,"dst_port":6776,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":751,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":312956911,"flow_src_last_pkt_time":493286521,"flow_dst_last_pkt_time":312956911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":751,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":312956911,"flow_src_last_pkt_time":493286521,"flow_dst_last_pkt_time":312956911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":751,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":312956911,"flow_src_last_pkt_time":493286521,"flow_dst_last_pkt_time":312956911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72852470,"flow_src_last_pkt_time":431829020,"flow_dst_last_pkt_time":72852470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72852470,"flow_src_last_pkt_time":431829020,"flow_dst_last_pkt_time":72852470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":72852470,"flow_src_last_pkt_time":431829020,"flow_dst_last_pkt_time":72852470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72850420,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":72850420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.141.219.27","src_port":28681,"dst_port":37580,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72850420,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":72850420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.141.219.27","src_port":28681,"dst_port":37580,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72850420,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":72850420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.141.219.27","src_port":28681,"dst_port":37580,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82059658,"flow_src_last_pkt_time":433137196,"flow_dst_last_pkt_time":82059658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.59.253.186","src_port":28681,"dst_port":15555,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82059658,"flow_src_last_pkt_time":433137196,"flow_dst_last_pkt_time":82059658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.59.253.186","src_port":28681,"dst_port":15555,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82059658,"flow_src_last_pkt_time":433137196,"flow_dst_last_pkt_time":82059658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.59.253.186","src_port":28681,"dst_port":15555,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00779{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":777,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702829,"flow_dst_last_pkt_time":551880698,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.244.211.43","src_port":28681,"dst_port":23459,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00822{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":777,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702829,"flow_dst_last_pkt_time":551880698,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.244.211.43","src_port":28681,"dst_port":23459,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00735{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":777,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702829,"flow_dst_last_pkt_time":551880698,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.244.211.43","src_port":28681,"dst_port":23459,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":184,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":82062444,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":82062444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.239.62.213","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":184,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":82062444,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":82062444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.239.62.213","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":184,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":82062444,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":82062444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.239.62.213","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":183,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82062320,"flow_src_last_pkt_time":491979236,"flow_dst_last_pkt_time":82062320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.15.182","src_port":28681,"dst_port":37829,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":183,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82062320,"flow_src_last_pkt_time":491979236,"flow_dst_last_pkt_time":82062320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.15.182","src_port":28681,"dst_port":37829,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":183,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82062320,"flow_src_last_pkt_time":491979236,"flow_dst_last_pkt_time":82062320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.15.182","src_port":28681,"dst_port":37829,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":71540581,"flow_src_last_pkt_time":551891672,"flow_dst_last_pkt_time":71540581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.23.75.69","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":71540581,"flow_src_last_pkt_time":551891672,"flow_dst_last_pkt_time":71540581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.23.75.69","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":71540581,"flow_src_last_pkt_time":551891672,"flow_dst_last_pkt_time":71540581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.23.75.69","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89733458,"flow_src_last_pkt_time":98763140,"flow_dst_last_pkt_time":89733458,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.195.236.249","src_port":50289,"dst_port":18557,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89733458,"flow_src_last_pkt_time":98763140,"flow_dst_last_pkt_time":89733458,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.195.236.249","src_port":50289,"dst_port":18557,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":245,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89733458,"flow_src_last_pkt_time":98763140,"flow_dst_last_pkt_time":89733458,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.195.236.249","src_port":50289,"dst_port":18557,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00880{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":800,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":599415868,"flow_src_last_pkt_time":599415868,"flow_dst_last_pkt_time":599415868,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":772,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":772,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":772,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63957,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":776,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702767,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.10.83","src_port":28681,"dst_port":8797,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00923{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":800,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":599415868,"flow_src_last_pkt_time":599415868,"flow_dst_last_pkt_time":599415868,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":772,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":772,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":772,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63957,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":776,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702767,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.10.83","src_port":28681,"dst_port":8797,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":776,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702767,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.10.83","src_port":28681,"dst_port":8797,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85607568,"flow_src_last_pkt_time":94638173,"flow_dst_last_pkt_time":85607568,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.179.18.242","src_port":50273,"dst_port":47329,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85607568,"flow_src_last_pkt_time":94638173,"flow_dst_last_pkt_time":85607568,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.179.18.242","src_port":50273,"dst_port":47329,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":227,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85607568,"flow_src_last_pkt_time":94638173,"flow_dst_last_pkt_time":85607568,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.179.18.242","src_port":50273,"dst_port":47329,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -01019{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_state":"finished","flow_src_packets_processed":66,"flow_dst_packets_processed":69,"flow_first_seen":90742816,"flow_src_last_pkt_time":593652028,"flow_dst_last_pkt_time":593652028,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":3017,"flow_dst_tot_l4_payload_len":6754,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50300,"dst_port":11852,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":767,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490658663,"flow_src_last_pkt_time":490658663,"flow_dst_last_pkt_time":490773349,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.65.87.24","src_port":28681,"dst_port":16201,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01062{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":276,"flow_state":"finished","flow_src_packets_processed":66,"flow_dst_packets_processed":69,"flow_first_seen":90742816,"flow_src_last_pkt_time":593652028,"flow_dst_last_pkt_time":593652028,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":3017,"flow_dst_tot_l4_payload_len":6754,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50300,"dst_port":11852,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":767,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490658663,"flow_src_last_pkt_time":490658663,"flow_dst_last_pkt_time":490773349,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.65.87.24","src_port":28681,"dst_port":16201,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":767,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490658663,"flow_src_last_pkt_time":490658663,"flow_dst_last_pkt_time":490773349,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.65.87.24","src_port":28681,"dst_port":16201,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":352,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":131671537,"flow_src_last_pkt_time":551891223,"flow_dst_last_pkt_time":131671537,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.191.49.159","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":352,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":131671537,"flow_src_last_pkt_time":551891223,"flow_dst_last_pkt_time":131671537,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.191.49.159","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":352,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":131671537,"flow_src_last_pkt_time":551891223,"flow_dst_last_pkt_time":131671537,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.191.49.159","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":72,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68110677,"flow_src_last_pkt_time":77138828,"flow_dst_last_pkt_time":68110677,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.68.138.207","src_port":50231,"dst_port":45079,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":72,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68110677,"flow_src_last_pkt_time":77138828,"flow_dst_last_pkt_time":68110677,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.68.138.207","src_port":50231,"dst_port":45079,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":72,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68110677,"flow_src_last_pkt_time":77138828,"flow_dst_last_pkt_time":68110677,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.68.138.207","src_port":50231,"dst_port":45079,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":228,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85607814,"flow_src_last_pkt_time":94638448,"flow_dst_last_pkt_time":85607814,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.174.18.115","src_port":50274,"dst_port":50679,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":228,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85607814,"flow_src_last_pkt_time":94638448,"flow_dst_last_pkt_time":85607814,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.174.18.115","src_port":50274,"dst_port":50679,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":228,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85607814,"flow_src_last_pkt_time":94638448,"flow_dst_last_pkt_time":85607814,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.174.18.115","src_port":50274,"dst_port":50679,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":83520153,"flow_src_last_pkt_time":431830029,"flow_dst_last_pkt_time":83520153,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.30.86.144","src_port":28681,"dst_port":53821,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":83520153,"flow_src_last_pkt_time":431830029,"flow_dst_last_pkt_time":83520153,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.30.86.144","src_port":28681,"dst_port":53821,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":83520153,"flow_src_last_pkt_time":431830029,"flow_dst_last_pkt_time":83520153,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.30.86.144","src_port":28681,"dst_port":53821,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":778,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":490660023,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.117.100.78","src_port":28681,"dst_port":9010,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":778,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":490660023,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.117.100.78","src_port":28681,"dst_port":9010,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":778,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":490660023,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.117.100.78","src_port":28681,"dst_port":9010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":773,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490659760,"flow_src_last_pkt_time":490659760,"flow_dst_last_pkt_time":490696108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.153.21.93","src_port":28681,"dst_port":36696,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":773,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490659760,"flow_src_last_pkt_time":490659760,"flow_dst_last_pkt_time":490696108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.153.21.93","src_port":28681,"dst_port":36696,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":773,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490659760,"flow_src_last_pkt_time":490659760,"flow_dst_last_pkt_time":490696108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.153.21.93","src_port":28681,"dst_port":36696,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00832{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":12513795,"flow_src_last_pkt_time":14765980,"flow_dst_last_pkt_time":12513795,"flow_idle_time":620000000,"flow_src_min_l4_payload_len":16,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":200,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.22","l4_proto":2,"flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"IGMP","proto_id":"82","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01023{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_state":"finished","flow_src_packets_processed":182,"flow_dst_packets_processed":183,"flow_first_seen":88704150,"flow_src_last_pkt_time":593692438,"flow_dst_last_pkt_time":593692239,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":2616,"flow_dst_tot_l4_payload_len":40868,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":50284,"dst_port":53258,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":779,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702875,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.65.217.224","src_port":28681,"dst_port":18381,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00875{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":8,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":0,"flow_first_seen":12513795,"flow_src_last_pkt_time":14765980,"flow_dst_last_pkt_time":12513795,"flow_idle_time":620000000,"flow_src_min_l4_payload_len":16,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":200,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.22","l4_proto":2,"flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"IGMP","proto_id":"82","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01066{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":238,"flow_state":"finished","flow_src_packets_processed":182,"flow_dst_packets_processed":183,"flow_first_seen":88704150,"flow_src_last_pkt_time":593692438,"flow_dst_last_pkt_time":593692239,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":600,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":2616,"flow_dst_tot_l4_payload_len":40868,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":50284,"dst_port":53258,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":779,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702875,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.65.217.224","src_port":28681,"dst_port":18381,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":779,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702875,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.65.217.224","src_port":28681,"dst_port":18381,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00780{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":768,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":490658810,"flow_src_last_pkt_time":548240082,"flow_dst_last_pkt_time":548572473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":78,"flow_src_tot_l4_payload_len":57,"flow_dst_tot_l4_payload_len":124,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":37058,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00823{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":768,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":490658810,"flow_src_last_pkt_time":548240082,"flow_dst_last_pkt_time":548572473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":78,"flow_src_tot_l4_payload_len":57,"flow_dst_tot_l4_payload_len":124,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":37058,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00736{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":768,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":490658810,"flow_src_last_pkt_time":548240082,"flow_dst_last_pkt_time":548572473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":78,"flow_src_tot_l4_payload_len":57,"flow_dst_tot_l4_payload_len":124,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":37058,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00781{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":765,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":487301830,"flow_src_last_pkt_time":487301830,"flow_dst_last_pkt_time":490657488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":278,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":278,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00824{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":765,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":487301830,"flow_src_last_pkt_time":487301830,"flow_dst_last_pkt_time":490657488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":278,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":278,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00737{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":765,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":487301830,"flow_src_last_pkt_time":487301830,"flow_dst_last_pkt_time":490657488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":29,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":278,"flow_src_tot_l4_payload_len":29,"flow_dst_tot_l4_payload_len":278,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00769{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":75,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":69142033,"flow_src_last_pkt_time":78169124,"flow_dst_last_pkt_time":69142033,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.189.28.17","src_port":50234,"dst_port":16269,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00812{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":75,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":69142033,"flow_src_last_pkt_time":78169124,"flow_dst_last_pkt_time":69142033,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.189.28.17","src_port":50234,"dst_port":16269,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00725{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":75,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":69142033,"flow_src_last_pkt_time":78169124,"flow_dst_last_pkt_time":69142033,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.189.28.17","src_port":50234,"dst_port":16269,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":240,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":88705517,"flow_src_last_pkt_time":97732221,"flow_dst_last_pkt_time":88705517,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.118.116.198","src_port":50286,"dst_port":44616,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":240,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":88705517,"flow_src_last_pkt_time":97732221,"flow_dst_last_pkt_time":88705517,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.118.116.198","src_port":50286,"dst_port":44616,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":240,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":88705517,"flow_src_last_pkt_time":97732221,"flow_dst_last_pkt_time":88705517,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.118.116.198","src_port":50286,"dst_port":44616,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -01001{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":760,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":431178093,"flow_src_last_pkt_time":599325330,"flow_dst_last_pkt_time":431178093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":402,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} -00879{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":798,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":595449220,"flow_src_last_pkt_time":598465934,"flow_dst_last_pkt_time":595449220,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":137,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":137,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":274,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63962,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":71541038,"flow_src_last_pkt_time":553212697,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.100","src_port":28681,"dst_port":46385,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01044{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":760,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":431178093,"flow_src_last_pkt_time":599325330,"flow_dst_last_pkt_time":431178093,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":201,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":201,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":402,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}} +00922{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":798,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":595449220,"flow_src_last_pkt_time":598465934,"flow_dst_last_pkt_time":595449220,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":137,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":137,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":274,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":63962,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":71541038,"flow_src_last_pkt_time":553212697,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.100","src_port":28681,"dst_port":46385,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":71541038,"flow_src_last_pkt_time":553212697,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.100","src_port":28681,"dst_port":46385,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00769{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":74,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":69141655,"flow_src_last_pkt_time":78169222,"flow_dst_last_pkt_time":69141655,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.163.14.246","src_port":50233,"dst_port":12854,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00812{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":74,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":69141655,"flow_src_last_pkt_time":78169222,"flow_dst_last_pkt_time":69141655,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.163.14.246","src_port":50233,"dst_port":12854,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00725{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":74,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":69141655,"flow_src_last_pkt_time":78169222,"flow_dst_last_pkt_time":69141655,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.163.14.246","src_port":50233,"dst_port":12854,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":152,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":75359352,"flow_src_last_pkt_time":84388302,"flow_dst_last_pkt_time":75359352,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.250.32","src_port":50265,"dst_port":52647,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":152,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":75359352,"flow_src_last_pkt_time":84388302,"flow_dst_last_pkt_time":75359352,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.250.32","src_port":50265,"dst_port":52647,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":152,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":75359352,"flow_src_last_pkt_time":84388302,"flow_dst_last_pkt_time":75359352,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.250.32","src_port":50265,"dst_port":52647,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":796,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":551892012,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":551892012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.249.63.200","src_port":28681,"dst_port":22582,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":796,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":551892012,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":551892012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.249.63.200","src_port":28681,"dst_port":22582,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":796,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":551892012,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":551892012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.249.63.200","src_port":28681,"dst_port":22582,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":787,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287114,"flow_src_last_pkt_time":493287114,"flow_dst_last_pkt_time":493287114,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.133.122.217","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":787,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287114,"flow_src_last_pkt_time":493287114,"flow_dst_last_pkt_time":493287114,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.133.122.217","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":787,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287114,"flow_src_last_pkt_time":493287114,"flow_dst_last_pkt_time":493287114,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.133.122.217","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":233,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86641393,"flow_src_last_pkt_time":95653938,"flow_dst_last_pkt_time":86641393,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.91.201","src_port":50279,"dst_port":4297,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":233,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86641393,"flow_src_last_pkt_time":95653938,"flow_dst_last_pkt_time":86641393,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.91.201","src_port":50279,"dst_port":4297,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":233,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86641393,"flow_src_last_pkt_time":95653938,"flow_dst_last_pkt_time":86641393,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.91.201","src_port":50279,"dst_port":4297,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":71540885,"flow_src_last_pkt_time":551891417,"flow_dst_last_pkt_time":71540885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.120.243.143","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":71540885,"flow_src_last_pkt_time":551891417,"flow_dst_last_pkt_time":71540885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.120.243.143","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":71540885,"flow_src_last_pkt_time":551891417,"flow_dst_last_pkt_time":71540885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.120.243.143","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":793,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288490,"flow_src_last_pkt_time":493288490,"flow_dst_last_pkt_time":493288490,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":793,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288490,"flow_src_last_pkt_time":493288490,"flow_dst_last_pkt_time":493288490,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":793,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288490,"flow_src_last_pkt_time":493288490,"flow_dst_last_pkt_time":493288490,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":172,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82060552,"flow_src_last_pkt_time":493285649,"flow_dst_last_pkt_time":82060552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.69.142.133","src_port":28681,"dst_port":15471,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":172,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82060552,"flow_src_last_pkt_time":493285649,"flow_dst_last_pkt_time":82060552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.69.142.133","src_port":28681,"dst_port":15471,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":172,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82060552,"flow_src_last_pkt_time":493285649,"flow_dst_last_pkt_time":82060552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.69.142.133","src_port":28681,"dst_port":15471,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":749,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":312956203,"flow_src_last_pkt_time":493285407,"flow_dst_last_pkt_time":312956203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.8.59.80","src_port":28681,"dst_port":35192,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":749,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":312956203,"flow_src_last_pkt_time":493285407,"flow_dst_last_pkt_time":312956203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.8.59.80","src_port":28681,"dst_port":35192,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":749,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":312956203,"flow_src_last_pkt_time":493285407,"flow_dst_last_pkt_time":312956203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.8.59.80","src_port":28681,"dst_port":35192,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00858{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":801,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":599426218,"flow_src_last_pkt_time":599747316,"flow_dst_last_pkt_time":599426218,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::16","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":123,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72267129,"flow_src_last_pkt_time":81278710,"flow_dst_last_pkt_time":72267129,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":50254,"dst_port":49046,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00901{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":801,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":599426218,"flow_src_last_pkt_time":599747316,"flow_dst_last_pkt_time":599426218,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::16","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":123,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72267129,"flow_src_last_pkt_time":81278710,"flow_dst_last_pkt_time":72267129,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":50254,"dst_port":49046,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":123,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72267129,"flow_src_last_pkt_time":81278710,"flow_dst_last_pkt_time":72267129,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":50254,"dst_port":49046,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00889{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":799,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":599415510,"flow_src_last_pkt_time":599529292,"flow_dst_last_pkt_time":599415510,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":772,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":772,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1544,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63958,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01259{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"finished","flow_src_packets_processed":673,"flow_dst_packets_processed":1683,"flow_first_seen":114930255,"flow_src_last_pkt_time":546895744,"flow_dst_last_pkt_time":546895529,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":533,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":2296,"flow_dst_tot_l4_payload_len":2189484,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50327,"dst_port":46906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}},"12": {"risk":"HTTP Numeric IP Address","severity":"Low","risk_score": {"total":500,"client":450,"server":50}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media"}} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67094277,"flow_src_last_pkt_time":76122571,"flow_dst_last_pkt_time":67094277,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.167.248.220","src_port":50223,"dst_port":63108,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00932{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":799,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":599415510,"flow_src_last_pkt_time":599529292,"flow_dst_last_pkt_time":599415510,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":772,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":772,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1544,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::c","src_port":63958,"dst_port":3702,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"WSD","proto_id":"153","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +01302{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":333,"flow_state":"finished","flow_src_packets_processed":673,"flow_dst_packets_processed":1683,"flow_first_seen":114930255,"flow_src_last_pkt_time":546895744,"flow_dst_last_pkt_time":546895529,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":533,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":2296,"flow_dst_tot_l4_payload_len":2189484,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50327,"dst_port":46906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP Numeric IP Address","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67094277,"flow_src_last_pkt_time":76122571,"flow_dst_last_pkt_time":67094277,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.167.248.220","src_port":50223,"dst_port":63108,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67094277,"flow_src_last_pkt_time":76122571,"flow_dst_last_pkt_time":67094277,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.167.248.220","src_port":50223,"dst_port":63108,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":59,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66078714,"flow_src_last_pkt_time":75077268,"flow_dst_last_pkt_time":66078714,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.103.247.94","src_port":50218,"dst_port":59045,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":59,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66078714,"flow_src_last_pkt_time":75077268,"flow_dst_last_pkt_time":66078714,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.103.247.94","src_port":50218,"dst_port":59045,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":59,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66078714,"flow_src_last_pkt_time":75077268,"flow_dst_last_pkt_time":66078714,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.103.247.94","src_port":50218,"dst_port":59045,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":71540138,"flow_src_last_pkt_time":551891299,"flow_dst_last_pkt_time":71540138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.65.141.157","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":71540138,"flow_src_last_pkt_time":551891299,"flow_dst_last_pkt_time":71540138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.65.141.157","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":71540138,"flow_src_last_pkt_time":551891299,"flow_dst_last_pkt_time":71540138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.65.141.157","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65061649,"flow_src_last_pkt_time":74093071,"flow_dst_last_pkt_time":65061649,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.206.254","src_port":50209,"dst_port":49587,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65061649,"flow_src_last_pkt_time":74093071,"flow_dst_last_pkt_time":65061649,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.206.254","src_port":50209,"dst_port":49587,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65061649,"flow_src_last_pkt_time":74093071,"flow_dst_last_pkt_time":65061649,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.206.254","src_port":50209,"dst_port":49587,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00768{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":65,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67094863,"flow_src_last_pkt_time":76122465,"flow_dst_last_pkt_time":67094863,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.125.63.97","src_port":50224,"dst_port":6346,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00811{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":65,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67094863,"flow_src_last_pkt_time":76122465,"flow_dst_last_pkt_time":67094863,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.125.63.97","src_port":50224,"dst_port":6346,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00724{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":65,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67094863,"flow_src_last_pkt_time":76122465,"flow_dst_last_pkt_time":67094863,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.125.63.97","src_port":50224,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":187,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82062863,"flow_src_last_pkt_time":551890628,"flow_dst_last_pkt_time":82062863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.88.92.56","src_port":28681,"dst_port":21009,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":187,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82062863,"flow_src_last_pkt_time":551890628,"flow_dst_last_pkt_time":82062863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.88.92.56","src_port":28681,"dst_port":21009,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":187,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82062863,"flow_src_last_pkt_time":551890628,"flow_dst_last_pkt_time":82062863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.88.92.56","src_port":28681,"dst_port":21009,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":190,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":82063260,"flow_src_last_pkt_time":551890119,"flow_dst_last_pkt_time":82063260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.195.227","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":190,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":82063260,"flow_src_last_pkt_time":551890119,"flow_dst_last_pkt_time":82063260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.195.227","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":190,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":82063260,"flow_src_last_pkt_time":551890119,"flow_dst_last_pkt_time":82063260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.195.227","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72853366,"flow_src_last_pkt_time":553213068,"flow_dst_last_pkt_time":72853366,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.226.142","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72853366,"flow_src_last_pkt_time":553213068,"flow_dst_last_pkt_time":72853366,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.226.142","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72853366,"flow_src_last_pkt_time":553213068,"flow_dst_last_pkt_time":72853366,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.226.142","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":68,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68108638,"flow_src_last_pkt_time":77122396,"flow_dst_last_pkt_time":68108638,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.246.157.94","src_port":50227,"dst_port":51175,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":68,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68108638,"flow_src_last_pkt_time":77122396,"flow_dst_last_pkt_time":68108638,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.246.157.94","src_port":50227,"dst_port":51175,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":68,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68108638,"flow_src_last_pkt_time":77122396,"flow_dst_last_pkt_time":68108638,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.246.157.94","src_port":50227,"dst_port":51175,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72853723,"flow_src_last_pkt_time":553212536,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.97.199.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72853723,"flow_src_last_pkt_time":553212536,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.97.199.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72853723,"flow_src_last_pkt_time":553212536,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.97.199.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":752,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":312957456,"flow_src_last_pkt_time":553212469,"flow_dst_last_pkt_time":312957456,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.115.218.152","src_port":28681,"dst_port":5900,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":752,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":312957456,"flow_src_last_pkt_time":553212469,"flow_dst_last_pkt_time":312957456,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.115.218.152","src_port":28681,"dst_port":5900,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":752,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":312957456,"flow_src_last_pkt_time":553212469,"flow_dst_last_pkt_time":312957456,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.115.218.152","src_port":28681,"dst_port":5900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":126,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":72849569,"flow_src_last_pkt_time":553212996,"flow_dst_last_pkt_time":72849569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.69.159.133","src_port":28681,"dst_port":28000,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":126,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":72849569,"flow_src_last_pkt_time":553212996,"flow_dst_last_pkt_time":72849569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.69.159.133","src_port":28681,"dst_port":28000,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":126,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":72849569,"flow_src_last_pkt_time":553212996,"flow_dst_last_pkt_time":72849569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.69.159.133","src_port":28681,"dst_port":28000,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":56,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66077295,"flow_src_last_pkt_time":75077318,"flow_dst_last_pkt_time":66077295,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.244.64.237","src_port":50215,"dst_port":4704,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":56,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66077295,"flow_src_last_pkt_time":75077318,"flow_dst_last_pkt_time":66077295,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.244.64.237","src_port":50215,"dst_port":4704,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":56,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66077295,"flow_src_last_pkt_time":75077318,"flow_dst_last_pkt_time":66077295,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.244.64.237","src_port":50215,"dst_port":4704,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00768{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":71,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68110208,"flow_src_last_pkt_time":77122514,"flow_dst_last_pkt_time":68110208,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.3.103.37","src_port":50230,"dst_port":17296,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00811{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":71,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68110208,"flow_src_last_pkt_time":77122514,"flow_dst_last_pkt_time":68110208,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.3.103.37","src_port":50230,"dst_port":17296,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00724{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":71,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68110208,"flow_src_last_pkt_time":77122514,"flow_dst_last_pkt_time":68110208,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.3.103.37","src_port":50230,"dst_port":17296,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":503,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":287311602,"flow_src_last_pkt_time":551891091,"flow_dst_last_pkt_time":287311602,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.210.244.72","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":503,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":287311602,"flow_src_last_pkt_time":551891091,"flow_dst_last_pkt_time":287311602,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.210.244.72","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":503,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":287311602,"flow_src_last_pkt_time":551891091,"flow_dst_last_pkt_time":287311602,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.210.244.72","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":70230046,"flow_src_last_pkt_time":433135893,"flow_dst_last_pkt_time":70230046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.138.20.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":70230046,"flow_src_last_pkt_time":433135893,"flow_dst_last_pkt_time":70230046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.138.20.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":70230046,"flow_src_last_pkt_time":433135893,"flow_dst_last_pkt_time":70230046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.138.20.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":244,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89732915,"flow_src_last_pkt_time":98763268,"flow_dst_last_pkt_time":89732915,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.119.55.28","src_port":50288,"dst_port":20347,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":244,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89732915,"flow_src_last_pkt_time":98763268,"flow_dst_last_pkt_time":89732915,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.119.55.28","src_port":50288,"dst_port":20347,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":244,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":89732915,"flow_src_last_pkt_time":98763268,"flow_dst_last_pkt_time":89732915,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.119.55.28","src_port":50288,"dst_port":20347,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00769{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":47,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":64033019,"flow_src_last_pkt_time":73064966,"flow_dst_last_pkt_time":64033019,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.78.171.204","src_port":50207,"dst_port":6346,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00812{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":47,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":64033019,"flow_src_last_pkt_time":73064966,"flow_dst_last_pkt_time":64033019,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.78.171.204","src_port":50207,"dst_port":6346,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00725{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":47,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":64033019,"flow_src_last_pkt_time":73064966,"flow_dst_last_pkt_time":64033019,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.78.171.204","src_port":50207,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":180,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82061705,"flow_src_last_pkt_time":493284702,"flow_dst_last_pkt_time":82061705,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.131.24.72","src_port":28681,"dst_port":30711,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":180,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82061705,"flow_src_last_pkt_time":493284702,"flow_dst_last_pkt_time":82061705,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.131.24.72","src_port":28681,"dst_port":30711,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":180,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82061705,"flow_src_last_pkt_time":493284702,"flow_dst_last_pkt_time":82061705,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.131.24.72","src_port":28681,"dst_port":30711,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00769{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":281,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90744632,"flow_src_last_pkt_time":99778400,"flow_dst_last_pkt_time":90744632,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":50305,"dst_port":63637,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00812{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":281,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90744632,"flow_src_last_pkt_time":99778400,"flow_dst_last_pkt_time":90744632,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":50305,"dst_port":63637,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00725{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":281,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90744632,"flow_src_last_pkt_time":99778400,"flow_dst_last_pkt_time":90744632,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":50305,"dst_port":63637,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_state":"finished","flow_src_packets_processed":45,"flow_dst_packets_processed":54,"flow_first_seen":71205274,"flow_src_last_pkt_time":593737928,"flow_dst_last_pkt_time":593737690,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":754,"flow_dst_tot_l4_payload_len":5336,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.214.154.216","src_port":50248,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":48,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65061127,"flow_src_last_pkt_time":74092928,"flow_dst_last_pkt_time":65061127,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":50208,"dst_port":8683,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01061{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_state":"finished","flow_src_packets_processed":45,"flow_dst_packets_processed":54,"flow_first_seen":71205274,"flow_src_last_pkt_time":593737928,"flow_dst_last_pkt_time":593737690,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":754,"flow_dst_tot_l4_payload_len":5336,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.214.154.216","src_port":50248,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":48,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65061127,"flow_src_last_pkt_time":74092928,"flow_dst_last_pkt_time":65061127,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":50208,"dst_port":8683,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":48,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65061127,"flow_src_last_pkt_time":74092928,"flow_dst_last_pkt_time":65061127,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.237.116.22","src_port":50208,"dst_port":8683,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00879{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":794,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":520019755,"flow_src_last_pkt_time":523077357,"flow_dst_last_pkt_time":520019755,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":50214,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} -00769{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":266,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90737440,"flow_src_last_pkt_time":99778471,"flow_dst_last_pkt_time":90737440,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.89.249.8","src_port":50290,"dst_port":50649,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00922{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":794,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":520019755,"flow_src_last_pkt_time":523077357,"flow_dst_last_pkt_time":520019755,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":50214,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} +00812{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":266,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90737440,"flow_src_last_pkt_time":99778471,"flow_dst_last_pkt_time":90737440,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.89.249.8","src_port":50290,"dst_port":50649,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00725{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":266,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90737440,"flow_src_last_pkt_time":99778471,"flow_dst_last_pkt_time":90737440,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.89.249.8","src_port":50290,"dst_port":50649,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00842{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":797,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":552011039,"flow_src_last_pkt_time":552011039,"flow_dst_last_pkt_time":552011039,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":60,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":60,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"154.3.42.209","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":72852642,"flow_src_last_pkt_time":491978225,"flow_dst_last_pkt_time":72852642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.250.99.158","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00885{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":797,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":552011039,"flow_src_last_pkt_time":552011039,"flow_dst_last_pkt_time":552011039,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":60,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":60,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"154.3.42.209","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":72852642,"flow_src_last_pkt_time":491978225,"flow_dst_last_pkt_time":72852642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.250.99.158","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":72852642,"flow_src_last_pkt_time":491978225,"flow_dst_last_pkt_time":72852642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.250.99.158","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":78,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":69142856,"flow_src_last_pkt_time":78169259,"flow_dst_last_pkt_time":69142856,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.123.202.175","src_port":50237,"dst_port":37910,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":78,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":69142856,"flow_src_last_pkt_time":78169259,"flow_dst_last_pkt_time":69142856,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.123.202.175","src_port":50237,"dst_port":37910,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":78,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":69142856,"flow_src_last_pkt_time":78169259,"flow_dst_last_pkt_time":69142856,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.123.202.175","src_port":50237,"dst_port":37910,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":151,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":75358813,"flow_src_last_pkt_time":84388160,"flow_dst_last_pkt_time":75358813,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":50264,"dst_port":48380,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":151,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":75358813,"flow_src_last_pkt_time":84388160,"flow_dst_last_pkt_time":75358813,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":50264,"dst_port":48380,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":151,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":75358813,"flow_src_last_pkt_time":84388160,"flow_dst_last_pkt_time":75358813,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":50264,"dst_port":48380,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":764,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":433136175,"flow_src_last_pkt_time":433136175,"flow_dst_last_pkt_time":433136175,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"208.92.106.151","src_port":28681,"dst_port":32476,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":764,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":433136175,"flow_src_last_pkt_time":433136175,"flow_dst_last_pkt_time":433136175,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"208.92.106.151","src_port":28681,"dst_port":32476,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":764,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":433136175,"flow_src_last_pkt_time":433136175,"flow_dst_last_pkt_time":433136175,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"208.92.106.151","src_port":28681,"dst_port":32476,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":89,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71203227,"flow_src_last_pkt_time":80232155,"flow_dst_last_pkt_time":71203227,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50244,"dst_port":63978,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":89,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71203227,"flow_src_last_pkt_time":80232155,"flow_dst_last_pkt_time":71203227,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50244,"dst_port":63978,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":89,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71203227,"flow_src_last_pkt_time":80232155,"flow_dst_last_pkt_time":71203227,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.61.52.183","src_port":50244,"dst_port":63978,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":92,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71204889,"flow_src_last_pkt_time":80232033,"flow_dst_last_pkt_time":71204889,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":50247,"dst_port":51560,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":92,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71204889,"flow_src_last_pkt_time":80232033,"flow_dst_last_pkt_time":71204889,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":50247,"dst_port":51560,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":92,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71204889,"flow_src_last_pkt_time":80232033,"flow_dst_last_pkt_time":71204889,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":50247,"dst_port":51560,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":784,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":491496121,"flow_src_last_pkt_time":491496121,"flow_dst_last_pkt_time":491496121,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"23.19.141.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":784,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":491496121,"flow_src_last_pkt_time":491496121,"flow_dst_last_pkt_time":491496121,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"23.19.141.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":784,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":491496121,"flow_src_last_pkt_time":491496121,"flow_dst_last_pkt_time":491496121,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"23.19.141.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":750,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":312956768,"flow_src_last_pkt_time":553212305,"flow_dst_last_pkt_time":312956768,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.159.27.22","src_port":28681,"dst_port":17563,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":750,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":312956768,"flow_src_last_pkt_time":553212305,"flow_dst_last_pkt_time":312956768,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.159.27.22","src_port":28681,"dst_port":17563,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":750,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":312956768,"flow_src_last_pkt_time":553212305,"flow_dst_last_pkt_time":312956768,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.159.27.22","src_port":28681,"dst_port":17563,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":156,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82057972,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":82057972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.244.228.86","src_port":28681,"dst_port":10131,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":156,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82057972,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":82057972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.244.228.86","src_port":28681,"dst_port":10131,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":156,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82057972,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":82057972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.244.228.86","src_port":28681,"dst_port":10131,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":176,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82061139,"flow_src_last_pkt_time":493284151,"flow_dst_last_pkt_time":82061139,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.99.164.4","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":176,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82061139,"flow_src_last_pkt_time":493284151,"flow_dst_last_pkt_time":82061139,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.99.164.4","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":176,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82061139,"flow_src_last_pkt_time":493284151,"flow_dst_last_pkt_time":82061139,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.99.164.4","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":774,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490659991,"flow_src_last_pkt_time":551702643,"flow_dst_last_pkt_time":490659991,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.149","src_port":28681,"dst_port":6599,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":774,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490659991,"flow_src_last_pkt_time":551702643,"flow_dst_last_pkt_time":490659991,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.149","src_port":28681,"dst_port":6599,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":774,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490659991,"flow_src_last_pkt_time":551702643,"flow_dst_last_pkt_time":490659991,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.58.238.149","src_port":28681,"dst_port":6599,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":268,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90738695,"flow_src_last_pkt_time":99778232,"flow_dst_last_pkt_time":90738695,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":50292,"dst_port":11603,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":268,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90738695,"flow_src_last_pkt_time":99778232,"flow_dst_last_pkt_time":90738695,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":50292,"dst_port":11603,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":268,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90738695,"flow_src_last_pkt_time":99778232,"flow_dst_last_pkt_time":90738695,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":50292,"dst_port":11603,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":84,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70172719,"flow_src_last_pkt_time":79201010,"flow_dst_last_pkt_time":70172719,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.138.129.252","src_port":50243,"dst_port":27962,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":84,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70172719,"flow_src_last_pkt_time":79201010,"flow_dst_last_pkt_time":70172719,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.138.129.252","src_port":50243,"dst_port":27962,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":84,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70172719,"flow_src_last_pkt_time":79201010,"flow_dst_last_pkt_time":70172719,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.138.129.252","src_port":50243,"dst_port":27962,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":792,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288388,"flow_src_last_pkt_time":493288388,"flow_dst_last_pkt_time":493288388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.213.146","src_port":28681,"dst_port":21750,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":792,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288388,"flow_src_last_pkt_time":493288388,"flow_dst_last_pkt_time":493288388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.213.146","src_port":28681,"dst_port":21750,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":792,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288388,"flow_src_last_pkt_time":493288388,"flow_dst_last_pkt_time":493288388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.213.146","src_port":28681,"dst_port":21750,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":157,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":82058208,"flow_src_last_pkt_time":551892013,"flow_dst_last_pkt_time":82058208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.227.162.150","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":157,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":82058208,"flow_src_last_pkt_time":551892013,"flow_dst_last_pkt_time":82058208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.227.162.150","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":157,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":82058208,"flow_src_last_pkt_time":551892013,"flow_dst_last_pkt_time":82058208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.227.162.150","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":142,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":73299039,"flow_src_last_pkt_time":82326618,"flow_dst_last_pkt_time":73299039,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.236.203.37","src_port":50255,"dst_port":52165,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":142,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":73299039,"flow_src_last_pkt_time":82326618,"flow_dst_last_pkt_time":73299039,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.236.203.37","src_port":50255,"dst_port":52165,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":142,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":73299039,"flow_src_last_pkt_time":82326618,"flow_dst_last_pkt_time":73299039,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.236.203.37","src_port":50255,"dst_port":52165,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":82066425,"flow_src_last_pkt_time":551890738,"flow_dst_last_pkt_time":82066425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.179.98.234","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":82066425,"flow_src_last_pkt_time":551890738,"flow_dst_last_pkt_time":82066425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.179.98.234","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":82066425,"flow_src_last_pkt_time":551890738,"flow_dst_last_pkt_time":82066425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.179.98.234","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":241,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":88706114,"flow_src_last_pkt_time":97732099,"flow_dst_last_pkt_time":88706114,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.215.130.156","src_port":50287,"dst_port":12405,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":241,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":88706114,"flow_src_last_pkt_time":97732099,"flow_dst_last_pkt_time":88706114,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.215.130.156","src_port":50287,"dst_port":12405,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":241,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":88706114,"flow_src_last_pkt_time":97732099,"flow_dst_last_pkt_time":88706114,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.215.130.156","src_port":50287,"dst_port":12405,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":116,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":71540796,"flow_src_last_pkt_time":551890466,"flow_dst_last_pkt_time":71540796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.44.190.145","src_port":28681,"dst_port":10170,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":116,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":71540796,"flow_src_last_pkt_time":551890466,"flow_dst_last_pkt_time":71540796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.44.190.145","src_port":28681,"dst_port":10170,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":116,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":71540796,"flow_src_last_pkt_time":551890466,"flow_dst_last_pkt_time":71540796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.44.190.145","src_port":28681,"dst_port":10170,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":236,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":87671361,"flow_src_last_pkt_time":96685413,"flow_dst_last_pkt_time":87671361,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.124.66.33","src_port":50282,"dst_port":13060,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":236,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":87671361,"flow_src_last_pkt_time":96685413,"flow_dst_last_pkt_time":87671361,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.124.66.33","src_port":50282,"dst_port":13060,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":236,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":87671361,"flow_src_last_pkt_time":96685413,"flow_dst_last_pkt_time":87671361,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.124.66.33","src_port":50282,"dst_port":13060,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":226,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85607249,"flow_src_last_pkt_time":94638412,"flow_dst_last_pkt_time":85607249,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.172.184.48","src_port":50272,"dst_port":13298,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":226,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85607249,"flow_src_last_pkt_time":94638412,"flow_dst_last_pkt_time":85607249,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.172.184.48","src_port":50272,"dst_port":13298,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":226,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85607249,"flow_src_last_pkt_time":94638412,"flow_dst_last_pkt_time":85607249,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.172.184.48","src_port":50272,"dst_port":13298,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":225,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":84593690,"flow_src_last_pkt_time":93622465,"flow_dst_last_pkt_time":84593690,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.198.27","src_port":50271,"dst_port":60202,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":225,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":84593690,"flow_src_last_pkt_time":93622465,"flow_dst_last_pkt_time":84593690,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.198.27","src_port":50271,"dst_port":60202,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":225,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":84593690,"flow_src_last_pkt_time":93622465,"flow_dst_last_pkt_time":84593690,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.198.27","src_port":50271,"dst_port":60202,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":224,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":84593194,"flow_src_last_pkt_time":93622611,"flow_dst_last_pkt_time":84593194,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":50270,"dst_port":11427,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":224,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":84593194,"flow_src_last_pkt_time":93622611,"flow_dst_last_pkt_time":84593194,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":50270,"dst_port":11427,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":224,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":84593194,"flow_src_last_pkt_time":93622611,"flow_dst_last_pkt_time":84593194,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.27.24.95","src_port":50270,"dst_port":11427,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":485,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":253025155,"flow_src_last_pkt_time":551892013,"flow_dst_last_pkt_time":253025155,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.209","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":485,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":253025155,"flow_src_last_pkt_time":551892013,"flow_dst_last_pkt_time":253025155,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.209","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":485,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":253025155,"flow_src_last_pkt_time":551892013,"flow_dst_last_pkt_time":253025155,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.209","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":145,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":73301240,"flow_src_last_pkt_time":82326660,"flow_dst_last_pkt_time":73301240,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.100.216.210","src_port":50258,"dst_port":7097,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":145,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":73301240,"flow_src_last_pkt_time":82326660,"flow_dst_last_pkt_time":73301240,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.100.216.210","src_port":50258,"dst_port":7097,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":145,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":73301240,"flow_src_last_pkt_time":82326660,"flow_dst_last_pkt_time":73301240,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.100.216.210","src_port":50258,"dst_port":7097,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":74328113,"flow_src_last_pkt_time":83345150,"flow_dst_last_pkt_time":74328113,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.200.161","src_port":50260,"dst_port":51394,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":74328113,"flow_src_last_pkt_time":83345150,"flow_dst_last_pkt_time":74328113,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.200.161","src_port":50260,"dst_port":51394,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":147,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":74328113,"flow_src_last_pkt_time":83345150,"flow_dst_last_pkt_time":74328113,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.255.200.161","src_port":50260,"dst_port":51394,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":81,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70171598,"flow_src_last_pkt_time":79201158,"flow_dst_last_pkt_time":70171598,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.10.152","src_port":50240,"dst_port":21293,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":81,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70171598,"flow_src_last_pkt_time":79201158,"flow_dst_last_pkt_time":70171598,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.10.152","src_port":50240,"dst_port":21293,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":81,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70171598,"flow_src_last_pkt_time":79201158,"flow_dst_last_pkt_time":70171598,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.10.152","src_port":50240,"dst_port":21293,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66077768,"flow_src_last_pkt_time":75077028,"flow_dst_last_pkt_time":66077768,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":50216,"dst_port":3256,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66077768,"flow_src_last_pkt_time":75077028,"flow_dst_last_pkt_time":66077768,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":50216,"dst_port":3256,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66077768,"flow_src_last_pkt_time":75077028,"flow_dst_last_pkt_time":66077768,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"182.155.128.228","src_port":50216,"dst_port":3256,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00769{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":44,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":64032037,"flow_src_last_pkt_time":73065072,"flow_dst_last_pkt_time":64032037,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.26.16","src_port":50204,"dst_port":9728,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00812{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":44,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":64032037,"flow_src_last_pkt_time":73065072,"flow_dst_last_pkt_time":64032037,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.26.16","src_port":50204,"dst_port":9728,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00725{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":44,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":64032037,"flow_src_last_pkt_time":73065072,"flow_dst_last_pkt_time":64032037,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.26.16","src_port":50204,"dst_port":9728,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":771,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490659443,"flow_src_last_pkt_time":551881788,"flow_dst_last_pkt_time":490659443,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"202.27.193.6","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":771,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490659443,"flow_src_last_pkt_time":551881788,"flow_dst_last_pkt_time":490659443,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"202.27.193.6","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":771,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490659443,"flow_src_last_pkt_time":551881788,"flow_dst_last_pkt_time":490659443,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"202.27.193.6","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00769{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":234,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":87670084,"flow_src_last_pkt_time":96685203,"flow_dst_last_pkt_time":87670084,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.199.148.6","src_port":50280,"dst_port":4338,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00812{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":234,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":87670084,"flow_src_last_pkt_time":96685203,"flow_dst_last_pkt_time":87670084,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.199.148.6","src_port":50280,"dst_port":4338,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00725{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":234,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":87670084,"flow_src_last_pkt_time":96685203,"flow_dst_last_pkt_time":87670084,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.199.148.6","src_port":50280,"dst_port":4338,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72852255,"flow_src_last_pkt_time":551890943,"flow_dst_last_pkt_time":72852255,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.175.220.161","src_port":28681,"dst_port":15721,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72852255,"flow_src_last_pkt_time":551890943,"flow_dst_last_pkt_time":72852255,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.175.220.161","src_port":28681,"dst_port":15721,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72852255,"flow_src_last_pkt_time":551890943,"flow_dst_last_pkt_time":72852255,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.175.220.161","src_port":28681,"dst_port":15721,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82059773,"flow_src_last_pkt_time":493285866,"flow_dst_last_pkt_time":82059773,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.29.107.176","src_port":28681,"dst_port":20363,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82059773,"flow_src_last_pkt_time":493285866,"flow_dst_last_pkt_time":82059773,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.29.107.176","src_port":28681,"dst_port":20363,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82059773,"flow_src_last_pkt_time":493285866,"flow_dst_last_pkt_time":82059773,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.29.107.176","src_port":28681,"dst_port":20363,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":171,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82060415,"flow_src_last_pkt_time":493286026,"flow_dst_last_pkt_time":82060415,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"196.217.132.111","src_port":28681,"dst_port":25394,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":171,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82060415,"flow_src_last_pkt_time":493286026,"flow_dst_last_pkt_time":82060415,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"196.217.132.111","src_port":28681,"dst_port":25394,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":171,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82060415,"flow_src_last_pkt_time":493286026,"flow_dst_last_pkt_time":82060415,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"196.217.132.111","src_port":28681,"dst_port":25394,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":229,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85608077,"flow_src_last_pkt_time":94638352,"flow_dst_last_pkt_time":85608077,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.117.100.78","src_port":50275,"dst_port":9010,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":229,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85608077,"flow_src_last_pkt_time":94638352,"flow_dst_last_pkt_time":85608077,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.117.100.78","src_port":50275,"dst_port":9010,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":229,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":85608077,"flow_src_last_pkt_time":94638352,"flow_dst_last_pkt_time":85608077,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"122.117.100.78","src_port":50275,"dst_port":9010,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":786,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493286950,"flow_src_last_pkt_time":493286950,"flow_dst_last_pkt_time":493286950,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.38.9.82","src_port":28681,"dst_port":24223,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":786,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493286950,"flow_src_last_pkt_time":493286950,"flow_dst_last_pkt_time":493286950,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.38.9.82","src_port":28681,"dst_port":24223,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":786,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493286950,"flow_src_last_pkt_time":493286950,"flow_dst_last_pkt_time":493286950,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.38.9.82","src_port":28681,"dst_port":24223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":781,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":490660023,"flow_src_last_pkt_time":551881619,"flow_dst_last_pkt_time":552092880,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.105.52.2","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":781,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":490660023,"flow_src_last_pkt_time":551881619,"flow_dst_last_pkt_time":552092880,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.105.52.2","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":781,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":490660023,"flow_src_last_pkt_time":551881619,"flow_dst_last_pkt_time":552092880,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":90,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.105.52.2","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":782,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702802,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"65.182.231.232","src_port":28681,"dst_port":7890,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":782,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702802,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"65.182.231.232","src_port":28681,"dst_port":7890,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":782,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702802,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"65.182.231.232","src_port":28681,"dst_port":7890,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":160,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":82058765,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":82058765,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.150.49.35","src_port":28681,"dst_port":32448,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":160,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":82058765,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":82058765,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.150.49.35","src_port":28681,"dst_port":32448,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":160,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":82058765,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":82058765,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.150.49.35","src_port":28681,"dst_port":32448,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":486,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":253025433,"flow_src_last_pkt_time":553212612,"flow_dst_last_pkt_time":253025433,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.68.45.203","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":486,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":253025433,"flow_src_last_pkt_time":553212612,"flow_dst_last_pkt_time":253025433,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.68.45.203","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":486,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":253025433,"flow_src_last_pkt_time":553212612,"flow_dst_last_pkt_time":253025433,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.68.45.203","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":185,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":82062565,"flow_src_last_pkt_time":491980175,"flow_dst_last_pkt_time":82062565,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.196.58","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":185,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":82062565,"flow_src_last_pkt_time":491980175,"flow_dst_last_pkt_time":82062565,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.196.58","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":185,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":82062565,"flow_src_last_pkt_time":491980175,"flow_dst_last_pkt_time":82062565,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.196.58","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":63002411,"flow_src_last_pkt_time":72031726,"flow_dst_last_pkt_time":63002411,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.128.217.128","src_port":50200,"dst_port":45194,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":63002411,"flow_src_last_pkt_time":72031726,"flow_dst_last_pkt_time":63002411,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.128.217.128","src_port":50200,"dst_port":45194,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":63002411,"flow_src_last_pkt_time":72031726,"flow_dst_last_pkt_time":63002411,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.128.217.128","src_port":50200,"dst_port":45194,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":769,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490659046,"flow_src_last_pkt_time":551881355,"flow_dst_last_pkt_time":490659046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.110.61.169","src_port":28681,"dst_port":11973,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":769,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490659046,"flow_src_last_pkt_time":551881355,"flow_dst_last_pkt_time":490659046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.110.61.169","src_port":28681,"dst_port":11973,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":769,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490659046,"flow_src_last_pkt_time":551881355,"flow_dst_last_pkt_time":490659046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.110.61.169","src_port":28681,"dst_port":11973,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00769{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":53,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65063303,"flow_src_last_pkt_time":74092991,"flow_dst_last_pkt_time":65063303,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.117.153.7","src_port":50213,"dst_port":50138,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00812{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":53,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65063303,"flow_src_last_pkt_time":74092991,"flow_dst_last_pkt_time":65063303,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.117.153.7","src_port":50213,"dst_port":50138,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00725{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":53,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65063303,"flow_src_last_pkt_time":74092991,"flow_dst_last_pkt_time":65063303,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.117.153.7","src_port":50213,"dst_port":50138,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":762,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431830401,"flow_src_last_pkt_time":431830401,"flow_dst_last_pkt_time":431830401,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.75.43.182","src_port":28681,"dst_port":43502,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":762,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431830401,"flow_src_last_pkt_time":431830401,"flow_dst_last_pkt_time":431830401,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.75.43.182","src_port":28681,"dst_port":43502,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":762,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431830401,"flow_src_last_pkt_time":431830401,"flow_dst_last_pkt_time":431830401,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.75.43.182","src_port":28681,"dst_port":43502,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":82,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70171959,"flow_src_last_pkt_time":79201091,"flow_dst_last_pkt_time":70171959,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.18.172.208","src_port":50241,"dst_port":63172,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":82,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70171959,"flow_src_last_pkt_time":79201091,"flow_dst_last_pkt_time":70171959,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.18.172.208","src_port":50241,"dst_port":63172,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":82,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70171959,"flow_src_last_pkt_time":79201091,"flow_dst_last_pkt_time":70171959,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.18.172.208","src_port":50241,"dst_port":63172,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":297,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90747448,"flow_src_last_pkt_time":99778360,"flow_dst_last_pkt_time":90747448,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":50321,"dst_port":4876,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":297,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90747448,"flow_src_last_pkt_time":99778360,"flow_dst_last_pkt_time":90747448,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":50321,"dst_port":4876,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":297,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90747448,"flow_src_last_pkt_time":99778360,"flow_dst_last_pkt_time":90747448,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":50321,"dst_port":4876,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00778{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":775,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490660023,"flow_src_last_pkt_time":490660023,"flow_dst_last_pkt_time":490939326,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.17.132.18","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00821{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":775,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490660023,"flow_src_last_pkt_time":490660023,"flow_dst_last_pkt_time":490939326,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.17.132.18","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00734{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":775,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490660023,"flow_src_last_pkt_time":490660023,"flow_dst_last_pkt_time":490939326,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":45,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":45,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"223.17.132.18","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":130,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":72851137,"flow_src_last_pkt_time":553212772,"flow_dst_last_pkt_time":72851137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.224.95.97","src_port":28681,"dst_port":46356,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":130,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":72851137,"flow_src_last_pkt_time":553212772,"flow_dst_last_pkt_time":72851137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.224.95.97","src_port":28681,"dst_port":46356,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":130,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":72851137,"flow_src_last_pkt_time":553212772,"flow_dst_last_pkt_time":72851137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.224.95.97","src_port":28681,"dst_port":46356,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":129,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":72850779,"flow_src_last_pkt_time":551891799,"flow_dst_last_pkt_time":72850779,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.138.50.179","src_port":28681,"dst_port":29411,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":129,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":72850779,"flow_src_last_pkt_time":551891799,"flow_dst_last_pkt_time":72850779,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.138.50.179","src_port":28681,"dst_port":29411,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":129,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":0,"flow_first_seen":72850779,"flow_src_last_pkt_time":551891799,"flow_dst_last_pkt_time":72850779,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":168,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.138.50.179","src_port":28681,"dst_port":29411,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":788,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287365,"flow_src_last_pkt_time":493287365,"flow_dst_last_pkt_time":493287365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.134.167.82","src_port":28681,"dst_port":5820,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":788,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287365,"flow_src_last_pkt_time":493287365,"flow_dst_last_pkt_time":493287365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.134.167.82","src_port":28681,"dst_port":5820,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":788,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287365,"flow_src_last_pkt_time":493287365,"flow_dst_last_pkt_time":493287365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.134.167.82","src_port":28681,"dst_port":5820,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":79,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70170653,"flow_src_last_pkt_time":79200890,"flow_dst_last_pkt_time":70170653,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.41.253","src_port":50238,"dst_port":59144,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":79,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70170653,"flow_src_last_pkt_time":79200890,"flow_dst_last_pkt_time":70170653,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.41.253","src_port":50238,"dst_port":59144,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":79,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70170653,"flow_src_last_pkt_time":79200890,"flow_dst_last_pkt_time":70170653,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.218.41.253","src_port":50238,"dst_port":59144,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":230,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86639056,"flow_src_last_pkt_time":95653991,"flow_dst_last_pkt_time":86639056,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":50276,"dst_port":56070,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":230,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86639056,"flow_src_last_pkt_time":95653991,"flow_dst_last_pkt_time":86639056,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":50276,"dst_port":56070,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":230,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86639056,"flow_src_last_pkt_time":95653991,"flow_dst_last_pkt_time":86639056,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":50276,"dst_port":56070,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00768{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":70,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68109715,"flow_src_last_pkt_time":77122484,"flow_dst_last_pkt_time":68109715,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.36.249.91","src_port":50229,"dst_port":64920,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00811{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":70,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68109715,"flow_src_last_pkt_time":77122484,"flow_dst_last_pkt_time":68109715,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.36.249.91","src_port":50229,"dst_port":64920,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00724{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":70,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":68109715,"flow_src_last_pkt_time":77122484,"flow_dst_last_pkt_time":68109715,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.36.249.91","src_port":50229,"dst_port":64920,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":789,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287531,"flow_src_last_pkt_time":493287531,"flow_dst_last_pkt_time":493287531,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.98.115.128","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":789,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287531,"flow_src_last_pkt_time":493287531,"flow_dst_last_pkt_time":493287531,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.98.115.128","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":789,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287531,"flow_src_last_pkt_time":493287531,"flow_dst_last_pkt_time":493287531,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.98.115.128","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":795,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":551890376,"flow_src_last_pkt_time":551890376,"flow_dst_last_pkt_time":551890376,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.120.26.86","src_port":28681,"dst_port":29946,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":795,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":551890376,"flow_src_last_pkt_time":551890376,"flow_dst_last_pkt_time":551890376,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.120.26.86","src_port":28681,"dst_port":29946,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":795,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":551890376,"flow_src_last_pkt_time":551890376,"flow_dst_last_pkt_time":551890376,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.120.26.86","src_port":28681,"dst_port":29946,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":33,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61977895,"flow_src_last_pkt_time":61977895,"flow_dst_last_pkt_time":61977895,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"162.157.143.201","src_port":50195,"dst_port":29762,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":33,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61977895,"flow_src_last_pkt_time":61977895,"flow_dst_last_pkt_time":61977895,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"162.157.143.201","src_port":50195,"dst_port":29762,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":33,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61977895,"flow_src_last_pkt_time":61977895,"flow_dst_last_pkt_time":61977895,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"162.157.143.201","src_port":50195,"dst_port":29762,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00769{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":91,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71204511,"flow_src_last_pkt_time":80232141,"flow_dst_last_pkt_time":71204511,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50246,"dst_port":45685,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00812{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":91,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71204511,"flow_src_last_pkt_time":80232141,"flow_dst_last_pkt_time":71204511,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50246,"dst_port":45685,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00725{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":91,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":71204511,"flow_src_last_pkt_time":80232141,"flow_dst_last_pkt_time":71204511,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":50246,"dst_port":45685,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":755,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":371838970,"flow_src_last_pkt_time":491980650,"flow_dst_last_pkt_time":371838970,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.134.107.32","src_port":28681,"dst_port":38836,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":755,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":371838970,"flow_src_last_pkt_time":491980650,"flow_dst_last_pkt_time":371838970,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.134.107.32","src_port":28681,"dst_port":38836,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":755,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":371838970,"flow_src_last_pkt_time":491980650,"flow_dst_last_pkt_time":371838970,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":48,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.134.107.32","src_port":28681,"dst_port":38836,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65062149,"flow_src_last_pkt_time":74092777,"flow_dst_last_pkt_time":65062149,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.234.18.166","src_port":50210,"dst_port":61404,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65062149,"flow_src_last_pkt_time":74092777,"flow_dst_last_pkt_time":65062149,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.234.18.166","src_port":50210,"dst_port":61404,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":65062149,"flow_src_last_pkt_time":74092777,"flow_dst_last_pkt_time":65062149,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.234.18.166","src_port":50210,"dst_port":61404,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":72853009,"flow_src_last_pkt_time":551891992,"flow_dst_last_pkt_time":72853009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.65.70.197","src_port":28681,"dst_port":21693,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":72853009,"flow_src_last_pkt_time":551891992,"flow_dst_last_pkt_time":72853009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.65.70.197","src_port":28681,"dst_port":21693,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":72853009,"flow_src_last_pkt_time":551891992,"flow_dst_last_pkt_time":72853009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.65.70.197","src_port":28681,"dst_port":21693,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":45,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":64032422,"flow_src_last_pkt_time":73065113,"flow_dst_last_pkt_time":64032422,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.46.139.171","src_port":50205,"dst_port":52120,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":45,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":64032422,"flow_src_last_pkt_time":73065113,"flow_dst_last_pkt_time":64032422,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.46.139.171","src_port":50205,"dst_port":52120,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":45,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":64032422,"flow_src_last_pkt_time":73065113,"flow_dst_last_pkt_time":64032422,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.46.139.171","src_port":50205,"dst_port":52120,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":772,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490659611,"flow_src_last_pkt_time":551701186,"flow_dst_last_pkt_time":490659611,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.192.231.237","src_port":28681,"dst_port":9676,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":772,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490659611,"flow_src_last_pkt_time":551701186,"flow_dst_last_pkt_time":490659611,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.192.231.237","src_port":28681,"dst_port":9676,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":772,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490659611,"flow_src_last_pkt_time":551701186,"flow_dst_last_pkt_time":490659611,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.192.231.237","src_port":28681,"dst_port":9676,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":71539473,"flow_src_last_pkt_time":551890853,"flow_dst_last_pkt_time":71539473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.169.2.153","src_port":28681,"dst_port":52414,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":71539473,"flow_src_last_pkt_time":551890853,"flow_dst_last_pkt_time":71539473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.169.2.153","src_port":28681,"dst_port":52414,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":71539473,"flow_src_last_pkt_time":551890853,"flow_dst_last_pkt_time":71539473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.169.2.153","src_port":28681,"dst_port":52414,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72853538,"flow_src_last_pkt_time":551891491,"flow_dst_last_pkt_time":72853538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.197.111.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72853538,"flow_src_last_pkt_time":551891491,"flow_dst_last_pkt_time":72853538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.197.111.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"info","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":72853538,"flow_src_last_pkt_time":551891491,"flow_dst_last_pkt_time":72853538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":216,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.197.111.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":770,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490659223,"flow_src_last_pkt_time":490659223,"flow_dst_last_pkt_time":490846962,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"97.83.183.148","src_port":28681,"dst_port":8890,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":770,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490659223,"flow_src_last_pkt_time":490659223,"flow_dst_last_pkt_time":490846962,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"97.83.183.148","src_port":28681,"dst_port":8890,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":770,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":490659223,"flow_src_last_pkt_time":490659223,"flow_dst_last_pkt_time":490846962,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"97.83.183.148","src_port":28681,"dst_port":8890,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":235,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":87670730,"flow_src_last_pkt_time":96685056,"flow_dst_last_pkt_time":87670730,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.134.154.158","src_port":50281,"dst_port":54130,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":235,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":87670730,"flow_src_last_pkt_time":96685056,"flow_dst_last_pkt_time":87670730,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.134.154.158","src_port":50281,"dst_port":54130,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":235,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":87670730,"flow_src_last_pkt_time":96685056,"flow_dst_last_pkt_time":87670730,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.134.154.158","src_port":50281,"dst_port":54130,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00844{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":783,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490916095,"flow_src_last_pkt_time":490916095,"flow_dst_last_pkt_time":490916095,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"65.182.231.232","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":60,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66079236,"flow_src_last_pkt_time":75108166,"flow_dst_last_pkt_time":66079236,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.121.165.12","src_port":50219,"dst_port":55376,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00887{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":783,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490916095,"flow_src_last_pkt_time":490916095,"flow_dst_last_pkt_time":490916095,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"65.182.231.232","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":60,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66079236,"flow_src_last_pkt_time":75108166,"flow_dst_last_pkt_time":66079236,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.121.165.12","src_port":50219,"dst_port":55376,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":60,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66079236,"flow_src_last_pkt_time":75108166,"flow_dst_last_pkt_time":66079236,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.121.165.12","src_port":50219,"dst_port":55376,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -01022{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"finished","flow_src_packets_processed":153,"flow_dst_packets_processed":159,"flow_first_seen":88704875,"flow_src_last_pkt_time":593713091,"flow_dst_last_pkt_time":593712859,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":2615,"flow_dst_tot_l4_payload_len":16813,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":50285,"dst_port":52367,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01257{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_state":"finished","flow_src_packets_processed":420,"flow_dst_packets_processed":831,"flow_first_seen":114930776,"flow_src_last_pkt_time":537520589,"flow_dst_last_pkt_time":537520379,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":538,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1050,"flow_dst_tot_l4_payload_len":1050152,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"189.147.72.83","src_port":50328,"dst_port":26108,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":260,"client":230,"server":30}},"12": {"risk":"HTTP Numeric IP Address","severity":"Low","risk_score": {"total":500,"client":450,"server":50}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media"}} -00773{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":175,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82060952,"flow_src_last_pkt_time":493283238,"flow_dst_last_pkt_time":82060952,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"115.69.62.99","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01065{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":239,"flow_state":"finished","flow_src_packets_processed":153,"flow_dst_packets_processed":159,"flow_first_seen":88704875,"flow_src_last_pkt_time":593713091,"flow_dst_last_pkt_time":593712859,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":2615,"flow_dst_tot_l4_payload_len":16813,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":50285,"dst_port":52367,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01300{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":334,"flow_state":"finished","flow_src_packets_processed":420,"flow_dst_packets_processed":831,"flow_first_seen":114930776,"flow_src_last_pkt_time":537520589,"flow_dst_last_pkt_time":537520379,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":538,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":1050,"flow_dst_tot_l4_payload_len":1050152,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"189.147.72.83","src_port":50328,"dst_port":26108,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"12": {"risk":"HTTP Numeric IP Address","severity":"Low","risk_score": {"total":300,"client":270,"server":30}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"HTTP.Gnutella","proto_id":"7.35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":1,"category":"Media"}} +00816{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":175,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82060952,"flow_src_last_pkt_time":493283238,"flow_dst_last_pkt_time":82060952,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"115.69.62.99","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00729{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":175,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":82060952,"flow_src_last_pkt_time":493283238,"flow_dst_last_pkt_time":82060952,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"115.69.62.99","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":756,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":373494060,"flow_src_last_pkt_time":551890239,"flow_dst_last_pkt_time":373494060,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.100.68.255","src_port":28681,"dst_port":12838,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":756,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":373494060,"flow_src_last_pkt_time":551890239,"flow_dst_last_pkt_time":373494060,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.100.68.255","src_port":28681,"dst_port":12838,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":756,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":373494060,"flow_src_last_pkt_time":551890239,"flow_dst_last_pkt_time":373494060,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":96,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.100.68.255","src_port":28681,"dst_port":12838,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":790,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288007,"flow_src_last_pkt_time":493288007,"flow_dst_last_pkt_time":493288007,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.39.233","src_port":28681,"dst_port":20855,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":790,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288007,"flow_src_last_pkt_time":493288007,"flow_dst_last_pkt_time":493288007,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.39.233","src_port":28681,"dst_port":20855,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":790,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288007,"flow_src_last_pkt_time":493288007,"flow_dst_last_pkt_time":493288007,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.39.233","src_port":28681,"dst_port":20855,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00768{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":80,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70171206,"flow_src_last_pkt_time":79201060,"flow_dst_last_pkt_time":70171206,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.105.52.2","src_port":50239,"dst_port":6384,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00811{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":80,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70171206,"flow_src_last_pkt_time":79201060,"flow_dst_last_pkt_time":70171206,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.105.52.2","src_port":50239,"dst_port":6384,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00724{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":80,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70171206,"flow_src_last_pkt_time":79201060,"flow_dst_last_pkt_time":70171206,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.105.52.2","src_port":50239,"dst_port":6384,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86640432,"flow_src_last_pkt_time":95653973,"flow_dst_last_pkt_time":86640432,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.231.59.187","src_port":50278,"dst_port":62234,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86640432,"flow_src_last_pkt_time":95653973,"flow_dst_last_pkt_time":86640432,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.231.59.187","src_port":50278,"dst_port":62234,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":232,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86640432,"flow_src_last_pkt_time":95653973,"flow_dst_last_pkt_time":86640432,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.231.59.187","src_port":50278,"dst_port":62234,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":766,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490658312,"flow_src_last_pkt_time":490658312,"flow_dst_last_pkt_time":490658312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.119.55.28","src_port":28681,"dst_port":20347,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":766,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490658312,"flow_src_last_pkt_time":490658312,"flow_dst_last_pkt_time":490658312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.119.55.28","src_port":28681,"dst_port":20347,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":766,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490658312,"flow_src_last_pkt_time":490658312,"flow_dst_last_pkt_time":490658312,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.119.55.28","src_port":28681,"dst_port":20347,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":763,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":433135408,"flow_src_last_pkt_time":433135408,"flow_dst_last_pkt_time":433135408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.170.209.214","src_port":28681,"dst_port":46210,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":763,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":433135408,"flow_src_last_pkt_time":433135408,"flow_dst_last_pkt_time":433135408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.170.209.214","src_port":28681,"dst_port":46210,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":763,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":433135408,"flow_src_last_pkt_time":433135408,"flow_dst_last_pkt_time":433135408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.170.209.214","src_port":28681,"dst_port":46210,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01023{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"finished","flow_src_packets_processed":146,"flow_dst_packets_processed":149,"flow_first_seen":90745963,"flow_src_last_pkt_time":593624376,"flow_dst_last_pkt_time":593620036,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":2601,"flow_dst_tot_l4_payload_len":7395,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":50312,"dst_port":23548,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":120,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72265587,"flow_src_last_pkt_time":81294293,"flow_dst_last_pkt_time":72265587,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.127.1.235","src_port":50251,"dst_port":37814,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01066{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"finished","flow_src_packets_processed":146,"flow_dst_packets_processed":149,"flow_first_seen":90745963,"flow_src_last_pkt_time":593624376,"flow_dst_last_pkt_time":593620036,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":2601,"flow_dst_tot_l4_payload_len":7395,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":50312,"dst_port":23548,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":120,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72265587,"flow_src_last_pkt_time":81294293,"flow_dst_last_pkt_time":72265587,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.127.1.235","src_port":50251,"dst_port":37814,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":120,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72265587,"flow_src_last_pkt_time":81294293,"flow_dst_last_pkt_time":72265587,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.127.1.235","src_port":50251,"dst_port":37814,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00769{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":144,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":73300612,"flow_src_last_pkt_time":82326516,"flow_dst_last_pkt_time":73300612,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.48.23","src_port":50257,"dst_port":3054,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00812{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":144,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":73300612,"flow_src_last_pkt_time":82326516,"flow_dst_last_pkt_time":73300612,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.48.23","src_port":50257,"dst_port":3054,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00725{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":144,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":73300612,"flow_src_last_pkt_time":82326516,"flow_dst_last_pkt_time":73300612,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.48.23","src_port":50257,"dst_port":3054,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":286,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90745561,"flow_src_last_pkt_time":99778446,"flow_dst_last_pkt_time":90745561,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.110.153.177","src_port":50310,"dst_port":40022,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":286,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90745561,"flow_src_last_pkt_time":99778446,"flow_dst_last_pkt_time":90745561,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.110.153.177","src_port":50310,"dst_port":40022,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":286,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":90745561,"flow_src_last_pkt_time":99778446,"flow_dst_last_pkt_time":90745561,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.110.153.177","src_port":50310,"dst_port":40022,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00769{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":40,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":63002631,"flow_src_last_pkt_time":72031755,"flow_dst_last_pkt_time":63002631,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.122.93.185","src_port":50201,"dst_port":6346,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00812{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":40,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":63002631,"flow_src_last_pkt_time":72031755,"flow_dst_last_pkt_time":63002631,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.122.93.185","src_port":50201,"dst_port":6346,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00725{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":40,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":63002631,"flow_src_last_pkt_time":72031755,"flow_dst_last_pkt_time":63002631,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.122.93.185","src_port":50201,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":58,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66078256,"flow_src_last_pkt_time":75077234,"flow_dst_last_pkt_time":66078256,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":50217,"dst_port":54958,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":58,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66078256,"flow_src_last_pkt_time":75077234,"flow_dst_last_pkt_time":66078256,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":50217,"dst_port":54958,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":58,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66078256,"flow_src_last_pkt_time":75077234,"flow_dst_last_pkt_time":66078256,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":50217,"dst_port":54958,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82058413,"flow_src_last_pkt_time":491980468,"flow_dst_last_pkt_time":82058413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.166.226.70","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82058413,"flow_src_last_pkt_time":491980468,"flow_dst_last_pkt_time":82058413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.166.226.70","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"info","flow_src_packets_processed":6,"flow_dst_packets_processed":0,"flow_first_seen":82058413,"flow_src_last_pkt_time":491980468,"flow_dst_last_pkt_time":82058413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":144,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.166.226.70","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00770{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61975786,"flow_src_last_pkt_time":61975786,"flow_dst_last_pkt_time":61975786,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.152.66.153","src_port":50194,"dst_port":43771,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00813{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61975786,"flow_src_last_pkt_time":61975786,"flow_dst_last_pkt_time":61975786,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.152.66.153","src_port":50194,"dst_port":43771,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00726{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":32,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61975786,"flow_src_last_pkt_time":61975786,"flow_dst_last_pkt_time":61975786,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.152.66.153","src_port":50194,"dst_port":43771,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00774{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":70230689,"flow_src_last_pkt_time":493284992,"flow_dst_last_pkt_time":70230689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.131.85.245","src_port":28681,"dst_port":31743,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00817{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":70230689,"flow_src_last_pkt_time":493284992,"flow_dst_last_pkt_time":70230689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.131.85.245","src_port":28681,"dst_port":31743,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00730{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":0,"flow_first_seen":70230689,"flow_src_last_pkt_time":493284992,"flow_dst_last_pkt_time":70230689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":120,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.131.85.245","src_port":28681,"dst_port":31743,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":83,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70172361,"flow_src_last_pkt_time":79201116,"flow_dst_last_pkt_time":70172361,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.210.203.131","src_port":50242,"dst_port":6346,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":83,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70172361,"flow_src_last_pkt_time":79201116,"flow_dst_last_pkt_time":70172361,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.210.203.131","src_port":50242,"dst_port":6346,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":83,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":70172361,"flow_src_last_pkt_time":79201116,"flow_dst_last_pkt_time":70172361,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.210.203.131","src_port":50242,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":66,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67095290,"flow_src_last_pkt_time":76122637,"flow_dst_last_pkt_time":67095290,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.210.81.147","src_port":50225,"dst_port":24800,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":66,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67095290,"flow_src_last_pkt_time":76122637,"flow_dst_last_pkt_time":67095290,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.210.81.147","src_port":50225,"dst_port":24800,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":66,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67095290,"flow_src_last_pkt_time":76122637,"flow_dst_last_pkt_time":67095290,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.210.81.147","src_port":50225,"dst_port":24800,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":75358059,"flow_src_last_pkt_time":84388275,"flow_dst_last_pkt_time":75358059,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.182.136.42","src_port":50263,"dst_port":27873,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":75358059,"flow_src_last_pkt_time":84388275,"flow_dst_last_pkt_time":75358059,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.182.136.42","src_port":50263,"dst_port":27873,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":150,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":75358059,"flow_src_last_pkt_time":84388275,"flow_dst_last_pkt_time":75358059,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.182.136.42","src_port":50263,"dst_port":27873,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00769{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":62,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67093324,"flow_src_last_pkt_time":76122608,"flow_dst_last_pkt_time":67093324,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.104.173.5","src_port":50221,"dst_port":49956,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00812{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":62,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67093324,"flow_src_last_pkt_time":76122608,"flow_dst_last_pkt_time":67093324,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.104.173.5","src_port":50221,"dst_port":49956,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00725{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":62,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":67093324,"flow_src_last_pkt_time":76122608,"flow_dst_last_pkt_time":67093324,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"59.104.173.5","src_port":50221,"dst_port":49956,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":785,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493286408,"flow_src_last_pkt_time":493286408,"flow_dst_last_pkt_time":493286408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.134.139.39","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":785,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493286408,"flow_src_last_pkt_time":493286408,"flow_dst_last_pkt_time":493286408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.134.139.39","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":785,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493286408,"flow_src_last_pkt_time":493286408,"flow_dst_last_pkt_time":493286408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.134.139.39","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":780,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702853,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.66.94.132","src_port":28681,"dst_port":17735,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":780,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702853,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.66.94.132","src_port":28681,"dst_port":17735,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":780,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":490660023,"flow_src_last_pkt_time":551702853,"flow_dst_last_pkt_time":490660023,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.66.94.132","src_port":28681,"dst_port":17735,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00776{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":761,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431829260,"flow_src_last_pkt_time":431829260,"flow_dst_last_pkt_time":431829260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.132.75.56","src_port":28681,"dst_port":56009,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00819{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":761,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431829260,"flow_src_last_pkt_time":431829260,"flow_dst_last_pkt_time":431829260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.132.75.56","src_port":28681,"dst_port":56009,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00732{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":761,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431829260,"flow_src_last_pkt_time":431829260,"flow_dst_last_pkt_time":431829260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.132.75.56","src_port":28681,"dst_port":56009,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00771{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":55,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66076724,"flow_src_last_pkt_time":75077158,"flow_dst_last_pkt_time":66076724,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.193.171.146","src_port":50214,"dst_port":53808,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00814{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":55,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66076724,"flow_src_last_pkt_time":75077158,"flow_dst_last_pkt_time":66076724,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.193.171.146","src_port":50214,"dst_port":53808,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00727{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":55,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":66076724,"flow_src_last_pkt_time":75077158,"flow_dst_last_pkt_time":66076724,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.193.171.146","src_port":50214,"dst_port":53808,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00772{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":231,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86639757,"flow_src_last_pkt_time":95653781,"flow_dst_last_pkt_time":86639757,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":50277,"dst_port":36368,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00815{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":231,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86639757,"flow_src_last_pkt_time":95653781,"flow_dst_last_pkt_time":86639757,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":50277,"dst_port":36368,"l4_proto":"tcp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00728{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":231,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":86639757,"flow_src_last_pkt_time":95653781,"flow_dst_last_pkt_time":86639757,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":50277,"dst_port":36368,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3} -00775{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":791,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288174,"flow_src_last_pkt_time":493288174,"flow_dst_last_pkt_time":493288174,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +00818{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":791,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288174,"flow_src_last_pkt_time":493288174,"flow_dst_last_pkt_time":493288174,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00731{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":791,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288174,"flow_src_last_pkt_time":493288174,"flow_dst_last_pkt_time":493288174,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -01018{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_state":"finished","flow_src_packets_processed":43,"flow_dst_packets_processed":47,"flow_first_seen":71205609,"flow_src_last_pkt_time":593376712,"flow_dst_last_pkt_time":593376534,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":303,"flow_dst_max_l4_payload_len":1065,"flow_src_tot_l4_payload_len":753,"flow_dst_tot_l4_payload_len":5162,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.208.180.181","src_port":50249,"dst_port":45883,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01013{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":3,"flow_first_seen":95716226,"flow_src_last_pkt_time":426377575,"flow_dst_last_pkt_time":426518025,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":61,"flow_src_tot_l4_payload_len":194,"flow_dst_tot_l4_payload_len":165,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -00777{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":72853189,"flow_src_last_pkt_time":553212866,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"167.114.170.156","src_port":28681,"dst_port":23844,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","encrypted":0,"breed":"Unrated"}} +01061{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_state":"finished","flow_src_packets_processed":43,"flow_dst_packets_processed":47,"flow_first_seen":71205609,"flow_src_last_pkt_time":593376712,"flow_dst_last_pkt_time":593376534,"flow_idle_time":3285032704,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":303,"flow_dst_max_l4_payload_len":1065,"flow_src_tot_l4_payload_len":753,"flow_dst_tot_l4_payload_len":5162,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.208.180.181","src_port":50249,"dst_port":45883,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01056{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":3,"flow_first_seen":95716226,"flow_src_last_pkt_time":426377575,"flow_dst_last_pkt_time":426518025,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":61,"flow_src_tot_l4_payload_len":194,"flow_dst_tot_l4_payload_len":165,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +00820{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":72853189,"flow_src_last_pkt_time":553212866,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"167.114.170.156","src_port":28681,"dst_port":23844,"l4_proto":"udp","ndpi": {"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00733{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":72853189,"flow_src_last_pkt_time":553212866,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":192,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":599747316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"167.114.170.156","src_port":28681,"dst_port":23844,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3} -00575{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","packets-captured":7491,"packets-processed":7468,"total-skipped-flows":0,"total-l4-payload-len":3617715,"total-not-detected-flows":625,"total-guessed-flows":6,"total-detected-flows":170,"total-detection-updates":5,"total-updates":2555,"current-active-flows":0,"total-active-flows":801,"total-idle-flows":801,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":6526,"global_ts_usec":600247226} +00575{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":7491,"source":"gnutella.pcap","alias":"nDPId-test","packets-captured":7491,"packets-processed":7468,"total-skipped-flows":0,"total-l4-payload-len":3617715,"total-not-detected-flows":626,"total-guessed-flows":1,"total-detected-flows":174,"total-detection-updates":5,"total-updates":2555,"current-active-flows":0,"total-active-flows":801,"total-idle-flows":801,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":6526,"global_ts_usec":600247226} ~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~ ~~ packets captured/processed: 7491/7468 ~~ skipped flows.............: 0 ~~ total layer4 data length..: 3617715 bytes -~~ total detected protocols..: 170 +~~ total detected protocols..: 174 ~~ total active/idle flows...: 801/801 ~~ total timeout flows.......: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -~~ total memory allocated....: 7778018 bytes -~~ total memory freed........: 7778018 bytes -~~ total allocations/frees...: 138009/138009 +~~ total memory allocated....: 8185987 bytes +~~ total memory freed........: 8185987 bytes +~~ total allocations/frees...: 138957/138957 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ json string min len.......: 265 chars -~~ json string max len.......: 2514 chars -~~ json string avg len.......: 1389 chars +~~ json string max len.......: 2557 chars +~~ json string avg len.......: 1411 chars |