00612{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"max-flows-per-thread":32768,"max-idle-flows-per-thread":1024,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
00833{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":1,"packets-processed":0,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2,"global_ts_usec":1595957694169758}
00775{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1595957694169758,"flow_src_last_pkt_time":1595957694169758,"flow_dst_last_pkt_time":1595957694169758,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1595957694169758,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"69.171.250.20","src_port":46160,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1595957694169758,"flow_dst_last_pkt_time":1595957694169758,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1595957694169758,"pkt":"CL6sCxdumt9Y+uvcCABFAAA86wlAAEAGQqHAqAypRav6FLRQAbvxSUO4AAAAAKAC\/\/943AAAAgQFtAQCCAp3CF\/6AAAAAAEDAwk="}
00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1595957694169758,"flow_dst_last_pkt_time":1595957694175849,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1595957694175849,"pkt":"mt9Y+uvcCL6sCxduCABFAAA8AABAAFUGGKtFq\/oUwKgMqQG7tFDMBUIi8UlDuaASbHAk8gAAAgQFeAQCCAqwcikLdwhf+gEDAwg="}
01056{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_src_last_pkt_time":1595957694181636,"flow_dst_last_pkt_time":1595957694175849,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":447,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":447,"pkt_l4_len":413,"thread_ts_usec":1595957694181636,"pkt":"CL6sCxdumt9Y+uvcCABFAAGx6wtAAEAGQSrAqAypRav6FLRQAbvxSUO5zAVCI4AYAKzC2gAAAQEICncIYAWwcikLFgMBAXgBAAF0AwMbz\/EVbbBeXTFd91pcxBNP5UcnCfq3Wnx+FKK431A8vCCYle6z8aZolVAW\/WsVOAFFqAocCpVZly96\/6VmRt6unAAGEwETAhMDAQABJQArAAUEAwT7GgAKAAYABAAdABcAMwAmACQAHQAgzM0Khe3cuLbHFAoUoUQ75VluiC+bl0wBHYa7GiFLSWoADQAGAAQEAwgEAAAAGwAZAAAWZWRnZS1tcXR0LmZhY2Vib29rLmNvbQAQAAsACQJoMgVoMi1mYgAtAAMCAQAAKgAAACkAoQB8AHb7PHlIDGTq5r6EmcaA47DeHw9k60TmJpJ4kMbWc07CmAAAAACvwY+4+cqVZO3LiyMH\/OBKqYTgxknPoune8SSx08gYUQ5v8dX54IHzjPiACk0t5hhgO+DjiFkUqTNKryO5SnHrNvAKz6QqOMdma4t912EvXAHgfFvQwwAhIFgFM36LO5BemV+W466ubu2dweNDP\/fyvoT9kq0FWNy9"}
01249{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1595957694169758,"flow_src_last_pkt_time":1595957694181636,"flow_dst_last_pkt_time":1595957694175849,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":381,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":381,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1595957694181636,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"69.171.250.20","src_port":46160,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.FacebookMessenger","proto_id":"91.157","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":1,"breed":"Acceptable","category_id":9,"category":"Chat","hostname":"edge-mqtt.facebook.com","domainame":"edge-mqtt.facebook.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t00d0309h2_55b375c5d22e_2d3f7b9fe3d5","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,h2-fb","tls_supported_versions":"TLSv1.3,TLSv1.3 (Fizz)","blocks":0}}}
00837{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_src_last_pkt_time":1595957694181636,"flow_dst_last_pkt_time":1595957694188758,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":282,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":282,"pkt_l4_len":248,"thread_ts_usec":1595957694188758,"pkt":"mt9Y+uvcCL6sCxduCABFAAEMv+hAAFUGV\/JFq\/oUwKgMqQG7tFDMBUIj8UlFNoAYAHHhaAAAAQEICrByKRd3CGAFFgMDAIACAAB8AwPUEITn7mCrvulT\/NdcXKN5KijcI4g9k3CK2XQ772s3WyCYle6z8aZolVAW\/WsVOAFFqAocCpVZly96\/6VmRt6unBMBAAA0ACsAAvsaADMAJAAdACAO0nP6nc6Qo9rpWYhM5FN2IQ7onG5IGH\/bMnw97GrsYgApAAIAABQDAwABARcDAwBIGZYMK775StJv8IeA6uX06XwsLuMhuuiwj099ayB3wMQVpJF0HhA8WjwU9NAQeMRhHSdrrGCE3zuMW3mj8V6sAMmDjxeKSHVB"}
01299{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1595957694169758,"flow_src_last_pkt_time":1595957694181636,"flow_dst_last_pkt_time":1595957694188758,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":381,"flow_dst_max_l4_payload_len":216,"flow_src_tot_l4_payload_len":381,"flow_dst_tot_l4_payload_len":216,"midstream":0,"thread_ts_usec":1595957694188758,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"69.171.250.20","src_port":46160,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.FacebookMessenger","proto_id":"91.157","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":1,"breed":"Acceptable","category_id":9,"category":"Chat","hostname":"edge-mqtt.facebook.com","domainame":"edge-mqtt.facebook.com","tls": {"version":"TLSv1.3 (Fizz)","ja3s":"fcb2d4d0991292272fcb1e464eedfd43","ja4":"t00d0309h2_55b375c5d22e_2d3f7b9fe3d5","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,h2-fb","tls_supported_versions":"TLSv1.3,TLSv1.3 (Fizz)","blocks":0}}}
00836{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":5,"packets-processed":4,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":597,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":1,"total-updates":0,"current-active-flows":1,"total-active-flows":1,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":10,"global_ts_usec":1623221441867993}
00773{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1623221441867993,"flow_src_last_pkt_time":1623221441867993,"flow_dst_last_pkt_time":1623221441867993,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1623221441867993,"l3_proto":"ip4","src_ip":"192.168.1.250","dst_ip":"92.122.95.99","src_port":41878,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":1623221441867993,"flow_dst_last_pkt_time":1623221441867993,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1623221441867993,"pkt":"pJGxgjQ5AoEfHBPlCABFAAA8opRAAEAGGajAqAH6XHpfY6OWAbs7TQBaAAAAAKAC\/\/9coQAAAgQFtAQCCAqqdeFuAAAAAAEDAwk="}
00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":2,"flow_src_last_pkt_time":1623221441867993,"flow_dst_last_pkt_time":1623221441879742,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1623221441879742,"pkt":"AoEfHBPlpJGxgjQ5CABFAAA8AABAADgGxDxcel9jwKgB+gG7o5aALohKO00AW6AS\/ojeuQAAAgQFtAQCCAoeqlgsqnXhbgEDAwc="}
00541{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":3,"flow_src_last_pkt_time":1623221441880963,"flow_dst_last_pkt_time":1623221441879742,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1623221441880963,"pkt":"pJGxgjQ5AoEfHBPlCABFAAA0opVAAEAGGa\/AqAH6XHpfY6OWAbs7TQBbgC6IS4AQAKwLVQAAAQEICqp14Xweqlgs"}
01238{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":4,"flow_src_last_pkt_time":1623221441893147,"flow_dst_last_pkt_time":1623221441879742,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1623221441893147,"pkt":"pJGxgjQ5AoEfHBPlCABFAAI5opZAAEAGF6nAqAH6XHpfY6OWAbs7TQBbgC6IS4AYAKwUcgAAAQEICqp14YkeqlgsFgMBAgABAAH8AwM\/3MJgstGRUtF6IdQy8M+MWTtJ6vnewHlZ2NQfnRVozSAkvaOHjaKYwT6xTKEA19qtioq1YZm7fTnqMkZGpaur+gAiiooTARMCEwPAK8AvwCzAMMypzKjAE8AUAJwAnQAvADUACgEAAZEqKgAAAAAAFwAVAAASdmNzLXZhLnRpa3Rva3YuY29tABcAAP8BAAEAAAoACgAI+voAHQAXABgACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAAA0AFAASBAMIBAQBBQMIBQUBCAYGAQIBABIAAAAzACsAKfr6AAEAAB0AIHWJ5XleYC+4v5XxNTlfMpiOcRthD\/EJBjx\/JG87h9EPAC0AAgEBACsACwr6+gMEAwMDAgMBABsAAwIAAtraAAEAABUAxgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01244{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1623221441867993,"flow_src_last_pkt_time":1623221441893147,"flow_dst_last_pkt_time":1623221441879742,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1623221441893147,"l3_proto":"ip4","src_ip":"192.168.1.250","dst_ip":"92.122.95.99","src_port":41878,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.TikTok","proto_id":"91.49","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"vcs-va.tiktokv.com","domainame":"vcs-va.tiktokv.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1615h2_46e7e9700bed_45f260be83e2","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","blocks":0}}}
00540{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":2,"flow_packet_id":5,"flow_src_last_pkt_time":1623221441893147,"flow_dst_last_pkt_time":1623221441907431,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1623221441907431,"pkt":"AoEfHBPlpJGxgjQ5CABFAAA09P1AADgGz0Zcel9jwKgB+gG7o5aALohLO00CYIAQAfoH2wAAAQEICh6qWEaqdeGJ"}
01290{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":10,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1623221441867993,"flow_src_last_pkt_time":1623221441893147,"flow_dst_last_pkt_time":1623221441911029,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1623221441911029,"l3_proto":"ip4","src_ip":"192.168.1.250","dst_ip":"92.122.95.99","src_port":41878,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.TikTok","proto_id":"91.49","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"vcs-va.tiktokv.com","domainame":"vcs-va.tiktokv.com","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d1615h2_46e7e9700bed_45f260be83e2","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","blocks":0}}}
00988{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":31,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1595957694169758,"flow_src_last_pkt_time":1595957694181636,"flow_dst_last_pkt_time":1595957694188758,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":381,"flow_dst_max_l4_payload_len":216,"flow_src_tot_l4_payload_len":381,"flow_dst_tot_l4_payload_len":216,"midstream":0,"thread_ts_usec":1623221442073719,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"69.171.250.20","src_port":46160,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.FacebookMessenger","proto_id":"91.157","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":1,"breed":"Acceptable","category_id":9,"category":"Chat"}}
00840{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":36,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":36,"packets-processed":35,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9095,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":2,"total-detection-updates":2,"total-updates":0,"current-active-flows":1,"total-active-flows":2,"total-idle-flows":1,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":20,"global_ts_usec":1623222051753416}
00774{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":36,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1623222051753416,"flow_src_last_pkt_time":1623222051753416,"flow_dst_last_pkt_time":1623222051753416,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1623222051753416,"l3_proto":"ip4","src_ip":"192.168.1.227","dst_ip":"52.73.71.226","src_port":50071,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00541{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":36,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_src_last_pkt_time":1623222051753416,"flow_dst_last_pkt_time":1623222051753416,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1623222051753416,"pkt":"pJGxgjQ56CrqthSFCABFAAA0YDdAAIAGW9bAqAHjNElH4sOXAbv6yL58AAAAAIAC+vC20AAAAgQFtAEDAwgBAQQC"}
00541{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":37,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_src_last_pkt_time":1623222051753416,"flow_dst_last_pkt_time":1623222051852336,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1623222051852336,"pkt":"6CrqthSFpJGxgjQ5CABFAAA0AABAAOkGUw00SUfiwKgB4wG7w5czz+y6+si+fYASaQMoIwAAAgQFtAEBBAIBAwMI"}
00534{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":38,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":3,"flow_src_last_pkt_time":1623222051853870,"flow_dst_last_pkt_time":1623222051852336,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1623222051853870,"pkt":"pJGxgjQ56CrqthSFCABFAAAoYDhAAIAGW+HAqAHjNElH4sOXAbv6yL59M8\/su1AQAgHP+AAAAAAAAAAA"}
01227{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":39,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":4,"flow_src_last_pkt_time":1623222051854478,"flow_dst_last_pkt_time":1623222051852336,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":571,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":571,"pkt_l4_len":537,"thread_ts_usec":1623222051854478,"pkt":"pJGxgjQ56CrqthSFCABFAAItYDlAAIAGWdvAqAHjNElH4sOXAbv6yL59M8\/su1AYAgGKagAAFgMBAgABAAH8AwP2Khmv4999vpwUP1EoOnS31ke3fIberBET9vuKKMlNryBAWeuhiJlCTX0W\/4n0WweRVOsTuqKwvLZX4E9fXeRQ6QAgKioTARMCEwPAK8AvwCzAMMypzKjAE8AUAJwAnQAvADUBAAGTqqoAAAAAABYAFAAAEXByZXNlbmNlLmZ1emUuY29tABcAAP8BAAEAAAoACgAIGhoAHQAXABgACwACAQAAIwDALvzziNiqB4Ze5MFSHnlzb8hWYrj0cRDYaZNHMomiUFqCxXUzlrycHOkMSmF+mAs4FoNodV+GmtF4XtMEjgO5kwhNORzSobD6od0D3\/aYbaar\/\/DYonxXBprMXmBcJ9b4RCnDhU+XdW+BpxOSa4HjtNqWMxADm+Su+UBHYSh9IVxix9h+ArygY6V1EBkwmyTVuhfQkTb9cH78Ij40gm1v\/C5e1V15IVRYMTYsvrr++ynGCrB3Tx5v+KGj9UxhY+8yABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAAA0AEgAQBAMIBAQBBQMIBQUBCAYGAQASAAAAMwArACkaGgABAAAdACBbsP\/9QyQIQO4OIyzz4ZB5pqvnxU3VMizp3PdADRuUTAAtAAIBAQArAAsKysoDBAMDAwIDAQAbAAMCAAKamgABAAAVAAsAAAAAAAAAAAAAAA=="}
01245{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":39,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1623222051753416,"flow_src_last_pkt_time":1623222051854478,"flow_dst_last_pkt_time":1623222051852336,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1623222051854478,"l3_proto":"ip4","src_ip":"192.168.1.227","dst_ip":"52.73.71.226","src_port":50071,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Fuze","proto_id":"91.270","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"presence.fuze.com","domainame":"presence.fuze.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1515h2_8daaf6152771_de4a06bb82e3","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","blocks":0}}}
00533{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":40,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":3,"flow_packet_id":5,"flow_src_last_pkt_time":1623222051854478,"flow_dst_last_pkt_time":1623222051956164,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1623222051956164,"pkt":"6CrqthSFpJGxgjQ5CABFAAAojDhAAOkGxuA0SUfiwKgB4wG7w5czz+y7+sjAglAQAG7PhgAAAAAAAAAA"}
01328{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":41,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1623222051753416,"flow_src_last_pkt_time":1623222051854478,"flow_dst_last_pkt_time":1623222051957659,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1460,"midstream":0,"thread_ts_usec":1623222051957659,"l3_proto":"ip4","src_ip":"192.168.1.227","dst_ip":"52.73.71.226","src_port":50071,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Fuze","proto_id":"91.270","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"presence.fuze.com","domainame":"presence.fuze.com","tls": {"version":"TLSv1.2","ja3s":"8d2a028aa94425f76ced7826b1f39039","ja4":"t13d1515h2_8daaf6152771_de4a06bb82e3","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","blocks":0}}}
01552{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":44,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":6,"flow_first_seen":1623222051753416,"flow_src_last_pkt_time":1623222051854478,"flow_dst_last_pkt_time":1623222051957659,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":5281,"midstream":0,"thread_ts_usec":1623222051957659,"l3_proto":"ip4","src_ip":"192.168.1.227","dst_ip":"52.73.71.226","src_port":50071,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Fuze","proto_id":"91.270","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP","hostname":"presence.fuze.com","domainame":"presence.fuze.com","tls": {"version":"TLSv1.2","server_names":"*.presence.fuze.com,presence.fuze.com","ja3s":"8d2a028aa94425f76ced7826b1f39039","ja4":"t13d1515h2_8daaf6152771_de4a06bb82e3","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","issuerDN":"C=US, O=Amazon, OU=Server CA 1B, CN=Amazon","subjectDN":"CN=*.presence.fuze.com","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","fingerprint":"B4:E1:85:91:CD:36:0A:89:7B:6F:A0:C1:11:B5:A5:29:CE:05:13:79","blocks":0}}}
00978{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":60,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":16,"flow_dst_packets_processed":15,"flow_first_seen":1623221441867993,"flow_src_last_pkt_time":1623221458497766,"flow_dst_last_pkt_time":1623221458494846,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1024,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":2486,"flow_dst_tot_l4_payload_len":6012,"midstream":0,"thread_ts_usec":1623222052202072,"l3_proto":"ip4","src_ip":"192.168.1.250","dst_ip":"92.122.95.99","src_port":41878,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.TikTok","proto_id":"91.49","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork"}}
00841{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":67,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":67,"packets-processed":66,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":17875,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":3,"total-detection-updates":4,"total-updates":0,"current-active-flows":1,"total-active-flows":3,"total-idle-flows":2,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":31,"global_ts_usec":1623223595952198}
00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":67,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1623223595952198,"flow_src_last_pkt_time":1623223595952198,"flow_dst_last_pkt_time":1623223595952198,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1623223595952198,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"91.198.174.208","src_port":50620,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":67,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_src_last_pkt_time":1623223595952198,"flow_dst_last_pkt_time":1623223595952198,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1623223595952198,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8ZBhAAEAGCeXAqAGAW8au0MW8AbvaIBcHAAAAAKAC+vC78AAAAgQFtAQCCAq86k7VAAAAAAEDAwc="}
00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":68,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":4,"flow_packet_id":2,"flow_src_last_pkt_time":1623223595952198,"flow_dst_last_pkt_time":1623223595999034,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1623223595999034,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8AABAADEGfP1bxq7QwKgBgAG7xbxrNtsg2iAXCKASqbDzDgAAAgQFnAQCCAoXn7wwvOpO1QEDAwk="}
00542{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":69,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":4,"flow_packet_id":3,"flow_src_last_pkt_time":1623223596002274,"flow_dst_last_pkt_time":1623223595999034,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1623223596002274,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA0ZBlAAEAGCezAqAGAW8au0MW8AbvaIBcIazbbIYAQAfbJTQAAAQEICrzqTwcXn7ww"}
01238{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":70,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":4,"flow_packet_id":4,"flow_src_last_pkt_time":1623223596004515,"flow_dst_last_pkt_time":1623223595999034,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1623223596004515,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI5ZBpAAEAGB+bAqAGAW8au0MW8AbvaIBcIazbbIYAYAfaOlwAAAQEICrzqTwkXn7wwFgMBAgABAAH8AwNHqKg5ff9pN4z6mF4kWpqqMqKaHx+XuMeqs42tNbV7LSChSfEqp6YPRtLMZMLmQNqEtljyETDHf0bwozDdEsdCbwAkEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQAKAQABjwAAABkAFwAAFHVwbG9hZC53aWtpbWVkaWEub3JnABcAAP8BAAEAAAoADgAMAB0AFwAYABkBAAEBAAsAAgEAACMAAAAQAA4ADAJoMghodHRwLzEuMQAFAAUBAAAAAAAiAAoACAQDBQMGAwIDADMAawBpAB0AIL957qot82y+yMnAjPtVxSeyEIxYxxvDMjwt+qAX5TQ8ABcAQQRXfj8gYEYqC\/WqA1BZSvBzncMiNp5ulY2D3wPu6SAlNp2V5vRT24WMB5CBogqVckk9Kzbp+jkn88E9RQEX7g49ACsABQQDBAMDAA0AGAAWBAMFAwYDCAQIBQgGBAEFAQYBAgMCAQAtAAIBAQAcAAJAAQAVAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01225{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":70,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1623223595952198,"flow_src_last_pkt_time":1623223596004515,"flow_dst_last_pkt_time":1623223595999034,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1623223596004515,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"91.198.174.208","src_port":50620,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Wikipedia","proto_id":"91.176","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"upload.wikimedia.org","domainame":"upload.wikimedia.org","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1815h2_e8a523a41297_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00542{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":71,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":4,"flow_packet_id":5,"flow_src_last_pkt_time":1623223596004515,"flow_dst_last_pkt_time":1623223596051971,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1623223596051971,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA0PfVAADEGPxBbxq7QwKgBgAG7xbxrNtsh2iAZDYAQAFTIswAAAQEIChefvGW86k8J"}
01270{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":72,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1623223595952198,"flow_src_last_pkt_time":1623223596004515,"flow_dst_last_pkt_time":1623223596052201,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1623223596052201,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"91.198.174.208","src_port":50620,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Wikipedia","proto_id":"91.176","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"upload.wikimedia.org","domainame":"upload.wikimedia.org","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d1815h2_e8a523a41297_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02132{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":98,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":18,"flow_first_seen":1623223595952198,"flow_src_last_pkt_time":1623223596109406,"flow_dst_last_pkt_time":1623223596108936,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":1036,"flow_dst_tot_l4_payload_len":16479,"midstream":0,"thread_ts_usec":1623223596109406,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"91.198.174.208","src_port":50620,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":0,"avg":10127.3,"max":52937,"stddev":19772.5,"var":390950848.0,"ent":2.8,"data": [46836,50076,2241,52937,230,0,0,0,52220,0,0,0,1478,638,2420,52443,0,779,3077,0,237,0,0,0,0,0,199,47900,0,0,235]},"pktlen": {"min":52,"avg":599.8,"max":1500,"stddev":646.4,"var":417856.7,"ent":4.1,"data": [60,60,52,569,52,1500,1500,1252,152,52,52,52,52,132,222,290,355,95,83,1500,1500,1500,1500,1500,1500,1500,1500,374,52,52,52,83]},"bins": {"c_to_s": [10,0,1,0,0,1,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [3,1,0,1,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,10,0,0]},"directions": [0,1,0,0,1,1,1,1,1,0,0,0,0,0,0,0,1,1,1,1,1,1,1,1,1,1,1,1,0,0,0,0],"entropies": [4.713301182,5.220872402,5.008629799,5.408417225,5.079967022,7.845353127,7.893048763,7.841969490,6.480354786,5.047091007,5.047091484,5.085552692,5.085553169,6.254513264,6.947219372,7.136369228,7.362440109,5.997154236,5.666953564,7.893563271,7.867501259,7.878776073,7.865104198,7.874600887,7.869311810,7.861063480,7.860395432,7.425109863,5.085552692,5.047091007,5.085552692,5.564384460]},"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Wikipedia","proto_id":"91.176","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
00980{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":107,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":17,"flow_first_seen":1623222051753416,"flow_src_last_pkt_time":1623222112086485,"flow_dst_last_pkt_time":1623222112185361,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":965,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":2226,"flow_dst_tot_l4_payload_len":6554,"midstream":0,"thread_ts_usec":1623223596203292,"l3_proto":"ip4","src_ip":"192.168.1.227","dst_ip":"52.73.71.226","src_port":50071,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Fuze","proto_id":"91.270","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":10,"category":"VoIP"}}
00844{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":119,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":119,"packets-processed":118,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":35609,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":4,"total-detection-updates":5,"total-updates":0,"current-active-flows":1,"total-active-flows":4,"total-idle-flows":3,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":42,"global_ts_usec":1623226283573712}
00774{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":119,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1623226283573712,"flow_src_last_pkt_time":1623226283573712,"flow_dst_last_pkt_time":1623226283573712,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1623226283573712,"l3_proto":"ip4","src_ip":"192.168.1.250","dst_ip":"45.82.241.51","src_port":39890,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":119,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":1,"flow_src_last_pkt_time":1623226283573712,"flow_dst_last_pkt_time":1623226283573712,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1623226283573712,"pkt":"pJGxgjQ5AoEfHBPlCABFAAA8M5RAAEAGJgDAqAH6LVLxM5vSAFAXgCu+AAAAAKAC\/\/9tawAAAgQFtAQCCAolvfRMAAAAAAEDAwk="}
00542{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":120,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":2,"flow_src_last_pkt_time":1623226283573712,"flow_dst_last_pkt_time":1623226283601626,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1623226283601626,"pkt":"AoEfHBPlpJGxgjQ5CABFAAA0AABAADMGZpwtUvEzwKgB+gBQm9LNImc9F4Arv4ASchAIQAAAAgQFeAEBBAIBAwMK"}
00535{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":121,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":3,"flow_src_last_pkt_time":1623226283602794,"flow_dst_last_pkt_time":1623226283601626,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1623226283602794,"pkt":"pJGxgjQ5AoEfHBPlCABFAAAoM5VAAEAGJhPAqAH6LVLxM5vSAFAXgCu\/zSJnPlAQAKy6PQAAAAAAAAAA"}
00786{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":122,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":4,"flow_src_last_pkt_time":1623226283612303,"flow_dst_last_pkt_time":1623226283601626,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":244,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":244,"pkt_l4_len":210,"thread_ts_usec":1623226283612303,"pkt":"pJGxgjQ5AoEfHBPlCABFAADmM5ZAAEAGJVTAqAH6LVLxM5vSAFAXgCu\/zSJnPlAYAKzgvQAAR0VUIC9ldV9saXZlLzV1ei8xWU9teFQud2VicD90eXBlPTgmcmVzaXplPTEmZHc9MzYwIEhUVFAvMS4xDQpDYWNoZS1Db250cm9sOiBuby1zdG9yZQ0KVXNlci1BZ2VudDogTGlrZS1BbmRyb2lkDQpIb3N0OiB2aWRlb3NuYXAubGlrZS52aWRlbw0KQ29ubmVjdGlvbjogS2VlcC1BbGl2ZQ0KQWNjZXB0LUVuY29kaW5nOiBnemlwDQoNCg=="}
01147{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":122,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1623226283573712,"flow_src_last_pkt_time":1623226283612303,"flow_dst_last_pkt_time":1623226283601626,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":190,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":190,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1623226283612303,"l3_proto":"ip4","src_ip":"192.168.1.250","dst_ip":"45.82.241.51","src_port":39890,"dst_port":80,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.Likee","proto_id":"7.261","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"videosnap.like.video","domainame":"videosnap.like.video","http": {"url":"videosnap.like.video\/eu_live\/5uz\/1YOmxT.webp?type=8&resize=1&dw=360","code":0,"content_type":"","user_agent":"Like-Android"}}}
00534{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":123,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":5,"flow_packet_id":5,"flow_src_last_pkt_time":1623226283612303,"flow_dst_last_pkt_time":1623226283640806,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1623226283640806,"pkt":"AoEfHBPlpJGxgjQ5CABFAAAox9pAADMGns0tUvEzwKgB+gBQm9LNImc+F4AsfVAQAB66DQAAAAAAAAAA"}
02180{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":150,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":17,"flow_dst_packets_processed":15,"flow_first_seen":1623226283573712,"flow_src_last_pkt_time":1623226284678348,"flow_dst_last_pkt_time":1623226284677149,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":190,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":380,"flow_dst_tot_l4_payload_len":18862,"midstream":0,"thread_ts_usec":1623226284678348,"l3_proto":"ip4","src_ip":"192.168.1.250","dst_ip":"45.82.241.51","src_port":39890,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":0,"avg":71228.2,"max":1031142,"stddev":245139.1,"var":60093177856.0,"ent":1.6,"data": [27914,29082,9509,39180,2950,0,249,0,0,0,0,59912,0,307,0,0,304,0,974261,1031142,0,0,0,29550,491,2002,0,490,0,730,0]},"pktlen": {"min":46,"avg":645.1,"max":1500,"stddev":701.2,"var":491744.0,"ent":4.0,"data": [60,52,46,230,46,1500,1500,1500,1500,1500,1500,1382,46,46,46,46,46,46,46,230,1500,1500,1500,1500,46,46,1500,1500,46,46,46,46]},"bins": {"c_to_s": [15,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,12,0,0]},"directions": [0,1,0,0,1,1,1,1,1,1,1,1,0,0,0,0,0,0,0,0,1,1,1,1,0,0,1,1,0,0,0,0],"entropies": [4.650921822,4.854286671,4.347350597,5.690956593,4.347350597,7.663578510,7.860166073,7.846680641,7.877070427,7.858085155,7.884421825,7.865271091,4.347350597,4.303872585,4.260394573,4.303872585,4.303872585,4.347350597,4.347350597,5.731587410,7.670816898,7.866776943,7.851586819,7.865674973,4.303872585,4.303872108,7.855195045,7.870656013,4.303872585,4.260394096,4.303872108,4.303872585]},"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.Likee","proto_id":"7.261","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"videosnap.like.video"}}
01014{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":229,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":28,"flow_dst_packets_processed":24,"flow_first_seen":1623223595952198,"flow_src_last_pkt_time":1623223766553269,"flow_dst_last_pkt_time":1623223766548680,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":1177,"flow_dst_tot_l4_payload_len":16557,"midstream":0,"thread_ts_usec":1623226286427901,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"91.198.174.208","src_port":50620,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Wikipedia","proto_id":"91.176","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"upload.wikimedia.org"}}
00845{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":231,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":231,"packets-processed":230,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":108050,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":5,"total-detection-updates":5,"total-updates":0,"current-active-flows":1,"total-active-flows":5,"total-idle-flows":4,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":52,"global_ts_usec":1631088115362469}
00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":231,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1631088115362469,"flow_src_last_pkt_time":1631088115362469,"flow_dst_last_pkt_time":1631088115362469,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1631088115362469,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"199.232.82.109","src_port":46724,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":231,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":6,"flow_packet_id":1,"flow_src_last_pkt_time":1631088115362469,"flow_dst_last_pkt_time":1631088115362469,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1631088115362469,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8aylAAEAG8xTAqAGAx+hSbbaEAbsR7WhdAAAAAKAC+vCzrwAAAgQFtAQCCAqzLdcpAAAAAAEDAwc="}
00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":232,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":6,"flow_packet_id":2,"flow_src_last_pkt_time":1631088115362469,"flow_dst_last_pkt_time":1631088115376274,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1631088115376274,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8AABAADQGaj7H6FJtwKgBgAG7toQ\/rdv6Ee1oXqAS\/\/\/HZwAAAgQFTAQCCApg6mr7sy3XKQEDAwk="}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":233,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":6,"flow_packet_id":3,"flow_src_last_pkt_time":1631088115376313,"flow_dst_last_pkt_time":1631088115376274,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1631088115376313,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA0aypAAEAG8xvAqAGAx+hSbbaEAbsR7WheP63b+4AQAfbzyQAAAQEICrMt1zdg6mr7"}
01243{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":234,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":6,"flow_packet_id":4,"flow_src_last_pkt_time":1631088115376494,"flow_dst_last_pkt_time":1631088115376274,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1631088115376494,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI5aytAAEAG8RXAqAGAx+hSbbaEAbsR7WheP63b+4AYAfZUwgAAAQEICrMt1zdg6mr7FgMBAgABAAH8AwNsvYMKPiGdDBmc8gxcHlZ6McaxC830ZDhWKJrI4f16WCC\/ugJFj1aqxm57Qz\/TUJEu9YsXXgA6\/cB\/YVkIRk0o5QAgCgoTARMCEwPAK8AvwCzAMMypzKjAE8AUAJwAnQAvADUBAAGTSkoAAAAAABMAEQAADmYudmltZW9jZG4uY29tABcAAP8BAAEAAAoACgAIGhoAHQAXABgACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAAA0AEgAQBAMIBAQBBQMIBQUBCAYGAQASAAAAMwArACkaGgABAAAdACB\/O5928KTG7yDdHjHfaYOKBpLROSX5g6XsudWwdbYUdQAtAAIBAQArAAsKmpoDBAMDAwIDAQAbAAMCAAJEaQAFAAMCaDIaGgABAAAVAMUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01237{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":234,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1631088115362469,"flow_src_last_pkt_time":1631088115376494,"flow_dst_last_pkt_time":1631088115376274,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1631088115376494,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"199.232.82.109","src_port":46724,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Vimeo","proto_id":"91.267","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"f.vimeocdn.com","domainame":"f.vimeocdn.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1516h2_8daaf6152771_e5627efa2ab1","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","blocks":0}}}
00544{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":235,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":6,"flow_packet_id":5,"flow_src_last_pkt_time":1631088115376494,"flow_dst_last_pkt_time":1631088115392626,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1631088115392626,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA0crFAADQG95TH6FJtwKgBgAG7toQ\/rdv7Ee1qY4AQAQnyogAAAQEICmDqawqzLdc3"}
01320{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":236,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1631088115362469,"flow_src_last_pkt_time":1631088115376494,"flow_dst_last_pkt_time":1631088115392643,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1344,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1344,"midstream":0,"thread_ts_usec":1631088115392643,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"199.232.82.109","src_port":46724,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Vimeo","proto_id":"91.267","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"f.vimeocdn.com","domainame":"f.vimeocdn.com","tls": {"version":"TLSv1.2","ja3s":"16c0b3e6a7b8173c16d944cfeaeee9cf","ja4":"t13d1516h2_8daaf6152771_e5627efa2ab1","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","blocks":0}}}
01537{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":240,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":1631088115362469,"flow_src_last_pkt_time":1631088115392667,"flow_dst_last_pkt_time":1631088115392674,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1344,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":4032,"midstream":0,"thread_ts_usec":1631088115392674,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"199.232.82.109","src_port":46724,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Vimeo","proto_id":"91.267","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"f.vimeocdn.com","domainame":"f.vimeocdn.com","tls": {"version":"TLSv1.2","server_names":"*.vimeocdn.com","ja3s":"16c0b3e6a7b8173c16d944cfeaeee9cf","ja4":"t13d1516h2_8daaf6152771_e5627efa2ab1","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","issuerDN":"C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2020","subjectDN":"CN=*.vimeocdn.com","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","fingerprint":"3A:0F:CF:EC:3C:13:25:E2:E1:4D:C6:52:A6:4D:8D:96:10:1E:8E:37","blocks":0}}}
01015{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":248,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":5,"flow_state":"finished","flow_src_packets_processed":58,"flow_dst_packets_processed":54,"flow_first_seen":1623226283573712,"flow_src_last_pkt_time":1623226466507324,"flow_dst_last_pkt_time":1623226466414542,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":190,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":950,"flow_dst_tot_l4_payload_len":71491,"midstream":0,"thread_ts_usec":1631088115406479,"l3_proto":"ip4","src_ip":"192.168.1.250","dst_ip":"45.82.241.51","src_port":39890,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"HTTP.Likee","proto_id":"7.261","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"videosnap.like.video"}}
00845{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":256,"packets-processed":255,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":113664,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":6,"total-detection-updates":7,"total-updates":0,"current-active-flows":1,"total-active-flows":6,"total-idle-flows":5,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":63,"global_ts_usec":1637349011376367}
00775{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1637349011376367,"flow_src_last_pkt_time":1637349011376367,"flow_dst_last_pkt_time":1637349011376367,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1637349011376367,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"143.204.9.65","src_port":48918,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":256,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":7,"flow_packet_id":1,"flow_src_last_pkt_time":1637349011376367,"flow_dst_last_pkt_time":1637349011376367,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1637349011376367,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8TGJAAEAGkyTAqAGAj8wJQb8WAbs5hVBVAAAAAKAC+vA+\/wAAAgQFtAQCCAoHfmCrAAAAAAEDAww="}
00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":257,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":7,"flow_packet_id":2,"flow_src_last_pkt_time":1637349011376367,"flow_dst_last_pkt_time":1637349011393884,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1637349011393884,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8T5MAAPMGHPOPzAlBwKgBgAG7vxa2dgKJOYVQVqASBZSQpgAAAgQFoAQCCArIQyJ4B35gqwEDAwk="}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":258,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":7,"flow_packet_id":3,"flow_src_last_pkt_time":1637349011393902,"flow_dst_last_pkt_time":1637349011393884,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1637349011393902,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA0TGNAAEAGkyvAqAGAj8wJQb8WAbs5hVBWtnYCioAQABDE0gAAAQEICgd+YL3IQyJ4"}
00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":259,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":7,"flow_packet_id":4,"flow_src_last_pkt_time":1637349011393902,"flow_dst_last_pkt_time":1637349011393908,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1637349011393908,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8T5EAAPMGHPWPzAlBwKgBgAG7vxa2dgKJOYVQVqASBZSQsgAAAgQFoAQCCArIQyJsB35gqwEDAwk="}
00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":260,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":7,"flow_packet_id":5,"flow_src_last_pkt_time":1637349011393914,"flow_dst_last_pkt_time":1637349011393908,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":78,"pkt_l4_len":44,"thread_ts_usec":1637349011393914,"pkt":"pJGxgjQ5PKn0qB\/sCABFAABATGRAAEAGkx7AqAGAj8wJQb8WAbs5hVBWtnYCirAQABAcuwAAAQEICgd+YL3IQyJ4AQEFCrZ2Aom2dgKK"}
01248{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":261,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":2,"flow_first_seen":1637349011376367,"flow_src_last_pkt_time":1637349011396134,"flow_dst_last_pkt_time":1637349011393908,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1637349011396134,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"143.204.9.65","src_port":48918,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.DisneyPlus","proto_id":"91.71","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"prod-static.disney-plus.net","domainame":"prod-static.disney-plus.net","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
01293{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":263,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":1637349011376367,"flow_src_last_pkt_time":1637349011396134,"flow_dst_last_pkt_time":1637349011405023,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1428,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1428,"midstream":0,"thread_ts_usec":1637349011405023,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"143.204.9.65","src_port":48918,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.DisneyPlus","proto_id":"91.71","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"prod-static.disney-plus.net","domainame":"prod-static.disney-plus.net","tls": {"version":"TLSv1.3","ja3s":"f4febc55ea12b31ae17cfb7e614afda8","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00976{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":13,"flow_dst_packets_processed":12,"flow_first_seen":1631088115362469,"flow_src_last_pkt_time":1631088168165179,"flow_dst_last_pkt_time":1631088168165177,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1344,"flow_src_tot_l4_payload_len":610,"flow_dst_tot_l4_payload_len":5004,"midstream":0,"thread_ts_usec":1637349011425927,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"199.232.82.109","src_port":46724,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Vimeo","proto_id":"91.267","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming"}}
00845{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":285,"packets-processed":284,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":121431,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":7,"total-detection-updates":8,"total-updates":0,"current-active-flows":1,"total-active-flows":7,"total-idle-flows":6,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":73,"global_ts_usec":1642584017659993}
00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1642584017659993,"flow_src_last_pkt_time":1642584017659993,"flow_dst_last_pkt_time":1642584017659993,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1642584017659993,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"23.12.104.83","src_port":39248,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":285,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":8,"flow_packet_id":1,"flow_src_last_pkt_time":1642584017659993,"flow_dst_last_pkt_time":1642584017659993,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1642584017659993,"pkt":"CL6sCxdumt9Y+uvcCABFAAA8EtFAAEAG2zrAqAypFwxoU5lQAbvzO0RFAAAAAKAC\/\/9KaQAAAgQFtAQCCApYVYYCAAAAAAEDAwk="}
00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":286,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":8,"flow_packet_id":2,"flow_src_last_pkt_time":1642584017659993,"flow_dst_last_pkt_time":1642584017680129,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1642584017680129,"pkt":"mt9Y+uvcCL6sCxduCABFAAA8AABAADcG9wsXDGhTwKgMqQG7mVB1nT8a8ztERqAS\/ojzIwAAAgQFtAQCCAqw3vMWWFWGAgEDAwc="}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":287,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":8,"flow_packet_id":3,"flow_src_last_pkt_time":1642584017681498,"flow_dst_last_pkt_time":1642584017680129,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1642584017681498,"pkt":"CL6sCxdumt9Y+uvcCABFAAA0EtJAAEAG20HAqAypFwxoU5lQAbvzO0RGdZ0\/G4AQAKwfuAAAAQEIClhVhhew3vMW"}
01241{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":288,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":8,"flow_packet_id":4,"flow_src_last_pkt_time":1642584017683650,"flow_dst_last_pkt_time":1642584017680129,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1642584017683650,"pkt":"CL6sCxdumt9Y+uvcCABFAAI5EtNAAEAG2TvAqAypFwxoU5lQAbvzO0RGdZ0\/G4AYAKxdJQAAAQEIClhVhhmw3vMWFgMBAgABAAH8AwP1FYw2XqcZXmePN\/Nf+9e1LzHXZeCulXOtpIacdAs37yCRvlsjJ1cDJi3yxp9rVrpjjUJgWxk34YBmx2q1d+sadQAiEwETAhMDwCvALMypwC\/AMMyowAnACsATwBQAnACdAC8ANQEAAZEAAAAYABYAABNhcGkuYWNjdXdlYXRoZXIuY29tABcAAP8BAAEAAAoACAAGAB0AFwAYAAsAAgEAACMAAAAQAAsACQhodHRwLzEuMQAFAAUBAAAAAAANABQAEgQDCAQEAQUDCAUFAQgGBgECAQAzACYAJAAdACDlaTawkMdxT+YGJN2RtDSPZPswvY9sO\/h42xN4XNh9ZQAtAAIBAQArAAkIAwQDAwMCAwEAFQDlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01235{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":288,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1642584017659993,"flow_src_last_pkt_time":1642584017683650,"flow_dst_last_pkt_time":1642584017680129,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1642584017683650,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"23.12.104.83","src_port":39248,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.AccuWeather","proto_id":"91.280","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":5,"category":"Web","hostname":"api.accuweather.com","domainame":"api.accuweather.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1713ht_5b57614c22b0_eca864cca44a","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","blocks":0}}}
00542{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":289,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":8,"flow_packet_id":5,"flow_src_last_pkt_time":1642584017683650,"flow_dst_last_pkt_time":1642584017706128,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1642584017706128,"pkt":"mt9Y+uvcCL6sCxduCABFAAA0SOBAADcGrjMXDGhTwKgMqQG7mVB1nT8b8ztGS4AQAfocSAAAAQEICrDe8zFYVYYZ"}
01280{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":290,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1642584017659993,"flow_src_last_pkt_time":1642584017683650,"flow_dst_last_pkt_time":1642584017706175,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1642584017706175,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"23.12.104.83","src_port":39248,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.AccuWeather","proto_id":"91.280","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":5,"category":"Web","hostname":"api.accuweather.com","domainame":"api.accuweather.com","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d1713ht_5b57614c22b0_eca864cca44a","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","blocks":0}}}
00982{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":15,"flow_dst_packets_processed":14,"flow_first_seen":1637349011376367,"flow_src_last_pkt_time":1637349011425914,"flow_dst_last_pkt_time":1637349011425927,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1428,"flow_src_tot_l4_payload_len":792,"flow_dst_tot_l4_payload_len":6975,"midstream":0,"thread_ts_usec":1642584019409362,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"143.204.9.65","src_port":48918,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.DisneyPlus","proto_id":"91.71","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming"}}
00845{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":315,"packets-processed":314,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":128021,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":8,"total-detection-updates":9,"total-updates":0,"current-active-flows":1,"total-active-flows":8,"total-idle-flows":7,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":83,"global_ts_usec":1643355518166568}
00784{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1643355518166568,"flow_src_last_pkt_time":1643355518166568,"flow_dst_last_pkt_time":1643355518166568,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1250,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1250,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1250,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1643355518166568,"l3_proto":"ip4","src_ip":"192.168.1.123","dst_ip":"216.58.209.46","src_port":59102,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02217{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":9,"flow_packet_id":1,"flow_src_last_pkt_time":1643355518166568,"flow_dst_last_pkt_time":1643355518166568,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1292,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1292,"pkt_l4_len":1258,"thread_ts_usec":1643355518166568,"pkt":"pJGxgjQ5SKRyNpegCABFAAT+PElAAIARThnAqAF72DrRLubeAbsE6urRwAAAAAEIZ7HskbOWr9QAAETQNKtjIjiCXCI+9vqBWPy31G7jDH4RlwYv0XhaWuj0UrdcSVWZIrVwzwDrJa8dEWOeUvaAw7BXeYev6bi8Nu9Z4LWOvt0+XPgNkeHB6PvaZ9N4cpB1UIRx6byg5QljaxCkgdia5\/WZz2yX\/TayWJG0egLwFK4DYqDDADilA59ewmPTSu6+F3\/EVfKw86o2Yio5HeQqtUOtEdw6pRwxBehgjTrZf0PMuk40XDPug94YB\/sEApD8Ghq1zUUVofn\/jZoji68n+CZ74BkmZ8LSaemosx3Vm7YV3yQUauQU4lBHNM2XdkooJSDGv9YINXu8hmpHdW\/1encLGdPSyOJC8itWve1maDbUaMRhrbQrpaAPeVfgND5alDCN2DMGvFe3nB6Pz2LOpDsj\/3ZN3caT5Nt0nSv8HN+DYWZc+2JmBlBY71FJ57bmTqruFnoZ\/GjM0BGxB5WlpJ0M3zE3M16k0p8WRYGK3bOkXFB5rtEix709VUri+WnB1ivvzP4A8iO977JvKVGlPddOYZ4k7qZne6v\/jb1y0P5AatOM7YYIeRI7u8jf\/xM8RY8UTL\/Pv+EQzBcgac+DyXJSt\/sJo+Uuz0dGCYpa4Aa01DbWUiA5x+j4g5WT5LGdKrytMkGgkIcVSlNAt4nWOQc2IroqJjfmf+NbusGe\/Gviz5jV93bOaTFv7sGyuvESP0iH2MD2mwPgizF6t5EabtXWaevGbit0evQ9O3bHeRpQwTlwh0hRD7WqrIf0Wri9spAJN53856UKZFRupvrVqTH40ht5wGl2g3HXmJvEKnWBsD1hEB3sacVd4lWjKim62JMTY6yUmMhRBlNu2AupnyFsChUJ1NgsRbg5cQPowXRIBVG8WcjCs7OHKUH\/zza5xjXEz1FrdKQASDLCvFyh9YUzlRmDx7d99nX5vf9AwJejikY1uel\/yRMHcT9IqYO0kZBeGiX2ZDJD7vD1sF+05Qq++ztAL3CTqhuU\/7KSbWKiGOoFGj9phj6fZiE+g9e7+HIVuvPAKr+aSbxS71gHelt+hKMcDj7jdDFk5P6TqQdUXfqrnN38RDusNZmvWB+23Sj9NvIjlpua1MtXRWVJaLY5mX9AL1kTENCHtxomZwiXSqkSWtzS8dZocOlqjfWrd2hnw5yl8b7T0843OsmN6ZOoho4X9bhFw\/52C+NFDBAC42\/6jsH2i4NdbJBqOAuf4tLWi3oaJ\/0r5Y0wWyVnBbFtq1sx6d6EHxqir52O50dkkD8SF7j+wGSCG2L1l5bcQGnAqpzpZNB8AgofMTbrgYgdYIyrh\/neffOlCQyXy2EgLb\/xWEt+QftF8p5n2FzevDADqTCGGVeWULgrEsb\/3qULNf4uZHaY4HBD6To7yTuITvaXdqFt30MJBKnhBexi0dhA\/MGpMyVJfR\/PhbhWZmiNdx\/LRAV2Semg\/nPWe+DzSBBXm7wJXZiE\/8ewkRVdkujJi\/QhXAX0aOL76X77YYeny\/V35WiIqUmuxRHrBRdP5AMMQo\/adJoX4bzVdEvw3cGw7\/\/hO2VzwL5m0trABzWAWdjRjsrTEu\/mWAVCZDP5\/peoG8YXeXsdHWwpRLyNJpzOlRz5aND24Jgn5x2v3PqoD5RBiIEHwD8jlV2fRCZXq1e7tPV6eLhSI74="}
01262{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":315,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":9,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1643355518166568,"flow_src_last_pkt_time":1643355518166568,"flow_dst_last_pkt_time":1643355518166568,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1250,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1250,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1250,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1643355518166568,"l3_proto":"ip4","src_ip":"192.168.1.123","dst_ip":"216.58.209.46","src_port":59102,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"QUIC.GoogleClassroom","proto_id":"188.281","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Safe","category_id":15,"category":"Collaborative","hostname":"classroom.google.com","domainame":"classroom.google.com","quic": {"quic_version":"V-1","tls": {"version":"TLSv1.3","ja3s":"","ja4":"q13d0310h0_55b375c5d22e_cd85d2d88918","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h3","tls_supported_versions":"TLSv1.3","blocks":0}}}}
00974{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":8,"flow_state":"info","flow_src_packets_processed":16,"flow_dst_packets_processed":14,"flow_first_seen":1642584017659993,"flow_src_last_pkt_time":1642584019409362,"flow_dst_last_pkt_time":1642584019407774,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":924,"flow_dst_tot_l4_payload_len":5666,"midstream":0,"thread_ts_usec":1643355518166568,"l3_proto":"ip4","src_ip":"192.168.12.169","dst_ip":"23.12.104.83","src_port":39248,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.AccuWeather","proto_id":"91.280","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":5,"category":"Web"}}
00845{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":316,"packets-processed":315,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":129271,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":9,"total-detection-updates":9,"total-updates":0,"current-active-flows":1,"total-active-flows":9,"total-idle-flows":8,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":88,"global_ts_usec":1646482623895784}
00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482623895784,"flow_src_last_pkt_time":1646482623895784,"flow_dst_last_pkt_time":1646482623895784,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482623895784,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"31.222.67.112","src_port":35054,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":316,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":10,"flow_packet_id":1,"flow_src_last_pkt_time":1646482623895784,"flow_dst_last_pkt_time":1646482623895784,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482623895784,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8U5dAAEAGwa7AqAGAH95DcIjuAbuZU7+5AAAAAKAC+vB+rAAAAgQFtAQCCAqYsCyFAAAAAAEDAwc="}
00545{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":10,"flow_packet_id":2,"flow_src_last_pkt_time":1646482623895784,"flow_dst_last_pkt_time":1646482623937401,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1646482623937401,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA0AABAADIGI04f3kNwwKgBgAG7iO5SHRbemVO\/uoASa9CRawAAAgQFUAEBBAIBAwMH"}
01231{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":318,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":10,"flow_packet_id":3,"flow_src_last_pkt_time":1646482623941304,"flow_dst_last_pkt_time":1646482623937401,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":571,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":571,"pkt_l4_len":537,"thread_ts_usec":1646482623941304,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAItU5lAAEAGv7vAqAGAH95DcIjuAbuZU7+6Uh0W31AYAfZFAQAAFgMBAgABAAH8AwM7S+zQhzGHYgeM16HLoV5Lvv0qFp3\/Q9lLhcf6NGzgACCV4MycI1TbPUTQp0gTtBJdGxhCWPX0NxBb4Keh1UEhIQAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAASABAAAA13d3cuYmFkb28uY29tABcAAP8BAAEAAAoADgAMAB0AFwAYABkBAAEBAAsAAgEAACMAAAAQAA4ADAJoMghodHRwLzEuMQAFAAUBAAAAAAAiAAoACAQDBQMGAwIDADMAawBpAB0AIDy\/wV7uHvn89KVxoNawBj6O\/1N7J\/Rv6ROuT\/L2i752ABcAQQR8rtiFUa3yYRs4u6Ro\/84M9BXHGtIJp6HdzCSQRE\/jjRMPOqb5+WU5M\/Rwa3rXtSAPp6MS0Mul28MptoKZ2BK0ACsABQQDBAMDAA0AGAAWBAMFAwYDCAQIBQgGBAEFAQYBAgMCAQAtAAIBAQAcAAJAAQAVAIkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01217{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":318,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646482623895784,"flow_src_last_pkt_time":1646482623941304,"flow_dst_last_pkt_time":1646482623937401,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482623941304,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"31.222.67.112","src_port":35054,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Badoo","proto_id":"91.279","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"www.badoo.com","domainame":"www.badoo.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02397{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":319,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":10,"flow_packet_id":4,"flow_src_last_pkt_time":1646482623941304,"flow_dst_last_pkt_time":1646482623982001,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1434,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1434,"pkt_l4_len":1400,"thread_ts_usec":1646482623982001,"pkt":"PKn0qB\/spJGxgjQ5CABFAAWMHvFAADIG\/wQf3kNwwKgBgAG7iO5SHRbfmVPBv1AQAOB4awAAFgMDAHoCAAB2AwMBOlQdLRqpUsqWU1clCZ7klKi96n1oTnu+vT02oJgW2iCV4MycI1TbPUTQp0gTtBJdGxhCWPX0NxBb4Keh1UEhIRMCAAAuACsAAgMEADMAJAAdACBdREM9zW8tCKNRQYxRhrzDDVGCe7mvlF55d9cEQ8fnJxQDAwABARcDAwAqwOlula4VkCoyA\/2RUbihod6JBKUVuHfwrD\/86IOS7iXKFEgjxzZ0LFDwFwMDD+gwKM1D+u7+jAjgLQq7sEHWpMgMLT2RYAkEV1ruOCjp4mwSNCGV6l5SHU0ggKPS+FiJkgk4YokIHIgul2aYNTj7iMtdUmICYgsRxENplMLGWm0yd4J3HY2+3\/MPyGPG3TpaJGn9ben+O3u6Gv1uKJ9dWKYQT8fDN2xTplCzVHQwlFbLQ0t+UOcYy\/iDz5q14Lu1OIyx+IGDuCaCbYc9sZrZ\/bSSGiKqXlz6Quw\/lmC6qdmjhYd45sm176c7cQD5W5fzCeFF5Q7erksXssZLQT1ZVHeET2SezH\/E79KPI3nM+JspYN7Pjo978Z2jM9fCHVH8WDV9diIfSPQBJdPzj9FYNCKHTfBdBJZcXw3lyTiYcWpDKP88b4MSLQoMnLvd2no7XIRFuB2O5RaSqozV4MvmqdHAtsPRvza7Hkvb\/qv9nY3z2wOtBgVb7mxYFTi4q29DgN7WuUXt2FSCqHsEZGgH2nbaDAMot\/MvUnPbJQOTBA2cgol5u7Aty+ZKK7jjp9UZa3kDOeKZKtbaYsLpnwY2bzKq7vG5BVO+wFeLg7+qsNFJmyGiMkeLevcIcfTYXYerSo7b2\/pS6iYfkLkG1wcdU2JJGBCnja7OwZGm846Odo0KvSgzCP\/NfYSvuGd6YoniKlv74qpDUSZ557fG4QxTwsIDrpNhJHcnODUqRjMPgHhAH8rui41sZUZyGlPzrQI+lMZRuxEUuVc+e70gSCxQ8f+CivuEaBkXJg23p84Xc0IuNYUBZDEk3uYT9HewerAq3nZlOH5988TRP43yweIXGvlNQnkLy9bCgWN8B7K0QBAfIEU+lUxajQjYFbDST+r1lzzDTLIt9WFj3bFElU4dVBwQinUgsKdqWAi+lzORar3qX6EaJlK4AyDSAoASn1ur8CWvb66CAA+nwl7QV20vZdrqGDLQWNGMHWEkOariSfRJJ1Hp9fBjcrdm3X2lzrdsKVr3pGGnAmrDe+Rvl8obhtVagbtX3EsWozTF7XGQcJUZjyf2IoDgiLDakFBORcEACPBg2kD424rMRb1RSBgioRGPr7S1kzHT7WjqRrom+ongImeQW5us5GtXNLgnEsaopUm9AbnDE0MQHqeJErjIGkT7uOTUJ1zjJamD5Dw\/YLVf5QZFdbVf0I5OOZ\/ihvU13dxQGjMcAzJmhtFqq59Rs1rYHoTb2ox8WgJZVOx8tQ9TkKfYYD2HoYD\/\/VNOHgBJ7VLWyCGzW6fwVS\/4FRqNm4cYcQ5qga346v7D3LdFSNrgQcahnu8biDWCDM3ib1n2vOlgCVI4GZR5OMfFHaksSdepATDGNn4TMrS6WS+u+mNHNoJAamXHKBK9giqetScdyvIS1ZeXg84IyEEj8yXklW6NQS2XQ8bojNQdEdihX4jh6v+XIanUt1UxNS5VkYI\/I7MwNFipJ\/6nozLSWYNQnABypmyuqm\/cqzLAeAXDOMjxteW7DsZ1gbXGKoEGwirLRm9CALjp+eM9PArnMcvN8Waw6qVfMQqPAAkJA1ycJ4INV1FHw0V+xtHDxRS3+i3LpzjURn0qmiqGNvisApw11Q1EDt\/EXvNoHilJO41eOP\/81\/+2YHa8aMIb"}
01262{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":319,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482623895784,"flow_src_last_pkt_time":1646482623941304,"flow_dst_last_pkt_time":1646482623982001,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1380,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1380,"midstream":0,"thread_ts_usec":1646482623982001,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"31.222.67.112","src_port":35054,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Badoo","proto_id":"91.279","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"www.badoo.com","domainame":"www.badoo.com","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
01028{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":320,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1643355518166568,"flow_src_last_pkt_time":1643355518166568,"flow_dst_last_pkt_time":1643355518166568,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1250,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1250,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1250,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482623982001,"l3_proto":"ip4","src_ip":"192.168.1.123","dst_ip":"216.58.209.46","src_port":59102,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"QUIC.GoogleClassroom","proto_id":"188.281","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Safe","category_id":15,"category":"Collaborative","hostname":"classroom.google.com"}}
00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":320,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":11,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482634412021,"flow_src_last_pkt_time":1646482634412021,"flow_dst_last_pkt_time":1646482634412021,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482634412021,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"172.65.251.78","src_port":53998,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":320,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":11,"flow_packet_id":1,"flow_src_last_pkt_time":1646482634412021,"flow_dst_last_pkt_time":1646482634412021,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482634412021,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8ehBAAEAGVvPAqAGArEH7TtLuAburPYAuAAAAAKAC+vCVcQAAAgQFtAQCCAoaoTMuAAAAAAEDAwc="}
00546{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":321,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":11,"flow_packet_id":2,"flow_src_last_pkt_time":1646482634412021,"flow_dst_last_pkt_time":1646482634431503,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1646482634431503,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA0AABAADkG2AusQftOwKgBgAG70u5kgyMxqz2AL4AS\/\/99tgAAAgQFeAEBBAIBAwMK"}
01228{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":322,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":11,"flow_packet_id":3,"flow_src_last_pkt_time":1646482634434348,"flow_dst_last_pkt_time":1646482634431503,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":571,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":571,"pkt_l4_len":537,"thread_ts_usec":1646482634434348,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAItehJAAEAGVQDAqAGArEH7TtLuAburPYAvZIMjMlAYAfajwgAAFgMBAgABAAH8AwNOB4Gzi6+YArAvzkfwrorK9DEddM7BFl3e3mWx5EKfGSCorzDjbh21t2eWZKubSdOdkcLfUyHi+FUzEXYnC03sBQAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAATABEAAA53d3cuZ2l0bGFiLmNvbQAXAAD\/AQABAAAKAA4ADAAdABcAGAAZAQABAQALAAIBAAAjAAAAEAAOAAwCaDIIaHR0cC8xLjEABQAFAQAAAAAAIgAKAAgEAwUDBgMCAwAzAGsAaQAdACA5FC8LVJQpX7CGnPMJyGCVSqmP\/UlOQqTKt4aSCzonPAAXAEEEf41WX9lKjs6LoM+3mxjeublwFG7G1\/kkw4gmsHPLzdToe\/hXlsiK3SyaMLeOC3M5q1ZNvI72xevTMYH\/wlBkVwArAAUEAwQDAwANABgAFgQDBQMGAwgECAUIBgQBBQEGAQIDAgEALQACAQEAHAACQAEAFQCIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01226{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":322,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":11,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646482634412021,"flow_src_last_pkt_time":1646482634434348,"flow_dst_last_pkt_time":1646482634431503,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482634434348,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"172.65.251.78","src_port":53998,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.GitLab","proto_id":"91.262","proto_by_ip":"Cloudflare","proto_by_ip_id":220,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative","hostname":"www.gitlab.com","domainame":"www.gitlab.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02510{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":323,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":11,"flow_packet_id":4,"flow_src_last_pkt_time":1646482634434348,"flow_dst_last_pkt_time":1646482634459323,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646482634459323,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXceV9AADkGWQSsQftOwKgBgAG70u5kgyMyqz2CNFAQAEKNSQAAFgMDAHoCAAB2AwOin8T6dzGlyyK0DvppPiISvrk7dqZI+leD9FteRWHG8iCorzDjbh21t2eWZKubSdOdkcLfUyHi+FUzEXYnC03sBRMBAAAuADMAJAAdACBBtXjy4Yur6Cx+FZ6ahqTyRQP1am+KynPVHHuTrFmEKwArAAIDBBQDAwABARcDAxTt0X4oP78zRG686EzR\/MTdyQH+1EJ7KsvP\/L\/7p5w+\/5BeqGct+awNdywgHk6IS\/zlJX2HvtVwEk8EQeUUtOmhPaGQiMMTLxoj49Ce9vOLqMFrm2k7E8LvufczYtE4HK2ojlioAdHxpbVnNdRIyDlVohFevMeFo9Gq5CKrF1tkVi4+sHrINmZB9NnMECur5PVRQ0fpsQC+D77HtmQPd\/H0hYZPDWaMZmIELhuD0qv+JlitRgvnPWG2NBe20hM39T0mtXgkcC5JgSpxtRvVXuT4kHcXT9bO8LnbcgZfQ26BMEH04oNytwS8LNl5VETPbc88EBihWRBA6rYRHn1bu6AH9ke2DrQMnPMI7ztVR4hNQhnE0Nf890u5YRBJVsZjC3I7EHFT+a3gRllUoe\/8N3TpGtH0utX0vfv9I68d28tY\/5Bk8OskuDlaLwKmWk9B7sIRy7bKAawAvHwhZHpL3LvsosNQXyegyzG6YSIqiTeqHcpibbqwP6DVFSJpVOwLF5JPsOowS+IJNRLoVZNHb0xa\/EbtBA8unsZbJDwJtzi9ylxFhDgiqm6HOi\/9sIKNvZM2WCGrcbZnr0JWAPNpheFKkT0692FZrBHIGKtze2gcSipGyeR\/3kRqLffDteSkfoC+Qw+IHwt9tGLRbJCoNw0yqiorPEcfE2I1D8kduBKoZGzSezAFAi8IJNGJRARS2H6UYTeTtPYKUbHLZN\/TnSrg2K3XuksuULh8mNjfGzdyM32jpxZq3GKhlQOuo5TRYPV6H7GXu20wVALBIvAqwIL8z4J1mfkt5xGsdxRUX2z8LO7oBQ7VujDni\/sZD1YrXPPHCMxCrlXNhGAlb3Kgbofz\/xQZpXZLr4aiIhZNRq56K\/i4bJp6xQSp6ZUWbHJnlpoc2K25adxRMjxAoexMzHPyw5igFaC5ae5uhb4pNIgc9nZfwvBaw\/PPKQyCe6RF2+x4WAZbYDmVQsEvcIP+Vyhmeath1qCJgd6p5qWsvZ2qQdLp0tnd3tqKipwYPJCg+\/zPcq+hpvBpsHWSauYiPbEYLvy4nlVJS\/TGqcNgSSuiEYh0n2JS34n94J2SdaH6xrUwN09S0sCLnrHbcrNDbpiYWNhCnupix3tACdV8LzlWKqnBKE\/9lOipYb3aveGfNO6MH6RIALNFn9PieYl6N+bnjqY18bCioqF218s9ScyZcG+wnGKX4iiG6LY98miFoM417176W2i90t2vCfMXGZwgiLxI7IBRbEMXwsmiZDm2n5s99R0hXmsuZ\/Nu1X74EHLqDyqldyjA7\/5DnZ08bCDOar\/lDiExUbPr03vFdXGahFeAp6+vN54hrwvCOYfF64WBpfFMzuOX7zSMxNxtbAZo+38nQ5IvF9LYK4tdZBlIJ8KVcyfojXSPbP3xU1hw9Gcew0VuRuuPtGyHonBp\/JokloLky15Jxmy1gzj757RoCZDBBsAm9bo3QAixwnv6q0auA3cmtyLnHhH7GbfkElIcH+djw42furCP6AROJKwnkNImVsbovt\/Mam99C1YGXu894Qga70am0lnwdsDOiiODNqlZRGvZH7zgu\/sXPJyocfr5T07EK6mfCgHH6dN\/J+bb1reKCPgsSX6I+LC5QjXWdiJFz5fpF73ukhXTiTv3AhqPf7AefF9D3x9f9JDZSes2LpJGhXqB3bZ2PVr78R\/me8IFk0VV\/+0x0GKaVnGj3eB8LbI7UFKJvJ+sr+fHhxJ8uGB1tEFpreSm96prGxop9+v+Y3JoVDh+OKM="}
01271{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":323,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":11,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482634412021,"flow_src_last_pkt_time":1646482634434348,"flow_dst_last_pkt_time":1646482634459323,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1460,"midstream":0,"thread_ts_usec":1646482634459323,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"172.65.251.78","src_port":53998,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.GitLab","proto_id":"91.262","proto_by_ip":"Cloudflare","proto_by_ip_id":220,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative","hostname":"www.gitlab.com","domainame":"www.gitlab.com","tls": {"version":"TLSv1.3","ja3s":"eb1d94daa7e0344597e756a1fb6e7054","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":324,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":12,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482646628933,"flow_src_last_pkt_time":1646482646628933,"flow_dst_last_pkt_time":1646482646628933,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482646628933,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"2.17.141.128","src_port":42580,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":324,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":12,"flow_packet_id":1,"flow_src_last_pkt_time":1646482646628933,"flow_dst_last_pkt_time":1646482646628933,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482646628933,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8eQxAAEAGb\/bAqAGAAhGNgKZUAbv+Ru5OAAAAAKAC+vDfwAAAAgQFtAQCCAp7uQs2AAAAAAEDAwc="}
00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":325,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":12,"flow_packet_id":2,"flow_src_last_pkt_time":1646482646628933,"flow_dst_last_pkt_time":1646482646646506,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482646646506,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8AABAADgG8QICEY2AwKgBgAG7plR0ThXR\/kbuT6AS\/oh2XAAAAgQFtAQCCAqpkTIKe7kLNgEDAwc="}
01241{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":326,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":12,"flow_packet_id":3,"flow_src_last_pkt_time":1646482646648976,"flow_dst_last_pkt_time":1646482646646506,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1646482646648976,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI5eQ5AAEAGbffAqAGAAhGNgKZUAbv+Ru5PdE4V0oAYAfbaKAAAAQEICnu5C0qpkTIKFgMBAgABAAH8AwMSh5Kk8yD8gdWVB2YFzzg9KRBCWJ\/pzlApBrokxgf2OCBs84UpHDw4uY4jKpCVZJzZAhJUrEs0AlJ7gTtfJSwiWgAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAAXABUAABJ3d3cuYWN0aXZpc2lvbi5jb20AFwAA\/wEAAQAACgAOAAwAHQAXABgAGQEAAQEACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAACIACgAIBAMFAwYDAgMAMwBrAGkAHQAg40qefHDImQJEkibGm9hnpGwl44lKo4KOQS8qsLRSATsAFwBBBPNBVrG5A+ZLqrow1aQOaEgsW+53RcPAplpAt8ULtljoAJH8CjL7YTSZ+PIOiRhMhirRlex47cXc5PiOAFYE9T0AKwAFBAMEAwMADQAYABYEAwUDBgMIBAgFCAYEAQUBBgECAwIBAC0AAgEBABwAAkABABUAhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01222{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":326,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":12,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646482646628933,"flow_src_last_pkt_time":1646482646648976,"flow_dst_last_pkt_time":1646482646646506,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482646648976,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"2.17.141.128","src_port":42580,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Activision","proto_id":"91.258","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game","hostname":"www.activision.com","domainame":"www.activision.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02492{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":327,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":12,"flow_packet_id":4,"flow_src_last_pkt_time":1646482646648976,"flow_dst_last_pkt_time":1646482646665639,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646482646665639,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcd01AADgGdBUCEY2AwKgBgAG7plR0ThXS\/kbwVIAQAfqb3wAAAQEICqmRMh57uQtKFgMDAFQCAABQAwMSqtJ8eER6O\/1kuWPcyWxOQ3XrBneIapjEO2SmC4s8\/gDAMAAAKP8BAAEAAAAAAAALAAQDAAECACMAAAAFAAAAEAALAAkIaHR0cC8xLjEWAwMPswsAD68AD6wACw4wggsKMIIJ8qADAgECAhACiweA2Zr6e84+z+bwzVw\/MA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIgU2VjdXJlIFNlcnZlciBDQTAeFw0yMTEyMDcwMDAwMDBaFw0yMjEyMDcyMzU5NTlaMHgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRUwEwYDVQQHEwxTYW50YSBNb25pY2ExJDAiBgNVBAoTG0FjdGl2aXNpb24gUHVibGlzaGluZywgSW5jLjEXMBUGA1UEAxMOYWN0aXZpc2lvbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbg3ttx5\/jVn3uPSHg51dYJw2C\/HhUcEFRJBoUDUAbszH3JZsuunxK+CF6DGOrwYtoJBSsn3e3zPloka7WL7rfO5NOUsiIW13pmwHYBrB8mRBUkJzKuafLjEpAhxznpqT\/p5Jwr6+DRppjEDksDurlkpE3Lyoujc8M4svRdMT\/420+SWk3BQORySViujkcxVQgcEXu34yoeXcYjdJRxnstpdHrE27wbJjY4aoP03Oq4lQ3yF5\/+D13l6ma5esTSvpzcS0JG7l\/CuglBWAxTbVyv9gyY5lwshqOO77v0uogozAqGXPxe31m4DrDzrNZbyboDssOIJkbtMv1LALTMjgPAgMBAAGjgge5MIIHtTAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o541GOLQs4cbZ4jAdBgNVHQ4EFgQURe0k84cbYUEzu80ezxpPzHYumaYwggSEBgNVHREEggR7MIIEd4Idd3d3LmJlbmVmaXRzZm9yZXZlcnl3b3JsZC5jb22CGHdvcmxkc2VyaWVzb2Z3YXJ6b25lLmNvbYIMdHJleWFyY2guY29tgg50b3lzZm9yYm9iLmNvbYISc3B5cm90aGVkcmFnb24uY29tghVzbGVkZ2VoYW1tZXJnYW1lcy5jb22CDnNreWxhbmRlcnMuY29tgg9zaWVycmFnYW1lcy5jb22CEXNla2lyb3RoZWdhbWUuY29tghFyYXZlbnNvZnR3YXJlLmNvbYIVcHJldmlldy5kZW1vbndhcmUubmV0ghBpbmZpbml0eXdhcmQuY29tghNoaWdobW9vbnN0dWRpb3MuY29tggxoaWdobW9vbi5jb22CDmd1aXRhcmhlcm8uY29tghlldXJvcGVhbndhcnpvbmVzZXJpZXMuY29tgg1kZW1vbndhcmUubmV0ghJjcmFzaGJhbmRpY29vdC5jb22CGmNkbi5naDUucHMzLmd1aXRhcmhlcm8uY29tghRjYWxsb2ZkdXR5bGVhZ3VlLmNvbYIXY2FsbG9mZHV0eWVuZG93bWVudC5vcmeCF2NhbGxvZmR1dHllbmRvd21lbnQuY29tgg5jYWxsb2ZkdXR5LmNvbYIZYmVuZWZpdHNmb3JldmVyeXdvcmxkLmNvbYIUYWN0aXZpc2lvbnJldGFpbC5jb22CG2FjdGl2aXNpb25ibGl6emFyZG1lZGlhLmNvbYIWYWN0aXZpc2lvbmJsaXp6YXJkLmNvbYIOYWN0aXZpc2lvbi5jb22CGioud29ybGRzZXJpZXNvZndhcnpvbmUuY29tgg4qLnRyZXlhcmNoLmNvbYIQKi50b3lzZm9yYm9iLmNvbYIYKi5zdXBwb3J0LmFjdGl2aXNpb24uY29tghQqLnM="}
01312{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":327,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":12,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482646628933,"flow_src_last_pkt_time":1646482646648976,"flow_dst_last_pkt_time":1646482646665639,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1646482646665639,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"2.17.141.128","src_port":42580,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Activision","proto_id":"91.258","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game","hostname":"www.activision.com","domainame":"www.activision.com","tls": {"version":"TLSv1.2","ja3s":"35af4c8cd9495354f7d701ce8ad7fd2d","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02493{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":328,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":12,"flow_packet_id":5,"flow_src_last_pkt_time":1646482646648976,"flow_dst_last_pkt_time":1646482646665667,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646482646665667,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcd05AADgGdBQCEY2AwKgBgAG7plR0Tht6\/kbwVIAYAfrWBAAAAQEICqmRMh57uQtKcHlyb3RoZWRyYWdvbi5jb22CFyouc2xlZGdlaGFtbWVyZ2FtZXMuY29tghAqLnNreWxhbmRlcnMuY29tghEqLnNpZXJyYWdhbWVzLmNvbYITKi5zZWtpcm90aGVnYW1lLmNvbYITKi5yYXZlbnNvZnR3YXJlLmNvbYISKi5pbmZpbml0eXdhcmQuY29tghUqLmhpZ2htb29uc3R1ZGlvcy5jb22CDiouaGlnaG1vb24uY29tghAqLmd1aXRhcmhlcm8uY29tghsqLmV1cm9wZWFud2Fyem9uZXNlcmllcy5jb22CDyouZGVtb253YXJlLm5ldIIUKi5jcmFzaGJhbmRpY29vdC5jb22CFiouY2FsbG9mZHV0eWxlYWd1ZS5jb22CGSouY2FsbG9mZHV0eWVuZG93bWVudC5vcmeCGSouY2FsbG9mZHV0eWVuZG93bWVudC5jb22CECouY2FsbG9mZHV0eS5jb22CFiouYWN0aXZpc2lvbnJldGFpbC5jb22CHSouYWN0aXZpc2lvbmJsaXp6YXJkbWVkaWEuY29tghgqLmFjdGl2aXNpb25ibGl6emFyZC5jb22CECouYWN0aXZpc2lvbi5jb20wDgYDVR0PAQH\/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBvBgNVHR8EaDBmMDGgL6AthitodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LTEuY3JsMDGgL6AthitodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc3NjYS1zaGEyLWc2LTEuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZcJV3HhAAAAX2WfxDUAAAEAwBHMEUCIBISkBbQZNriCyoIdBCE\/cgggWQAekqH8O2AfL7+bc+CAiEAjAqn46A2h+20pFviedEv72vQn6dfOoDX9ceIQC9v8DgAdgBRo7D1\/QF5nFZtuDd4jwykeswbJ8v3nohCmg3+1IsF5QAAAX2WfxCkAAAEAwBHMEUCIEpBa7X3XgVNqCYCeFO4DHrNiW0+E5rl1UiIPDa9tBV3AiEAqF6N89fxuCAoWiK0aqAOrsK+6J4P3aWqD0TmvXVpE9AAdQBByMqx3yJGShDGoToJQodeTjGLGwPr60vHaPCQYpYG9gAAAX2WfxBgAAAEAwBGMEQCID+AS2nmynkq\/suUOBEHLyiPBCM03jkRsvq1sDTrFOiTAiBibUucsS9dw9YHXtwyX5ApJxYx0wrkEBM66ZDooAD6ljANBgkqhkiG9w0BAQsFAAOCAQEAEmJviAcPdhvZSOkS8uzYwoToN9CGL8904Fe1tHX\/OkxfkOsGfAgfksDPXrGEIeL4wi\/NWvX2inx9zgDmTmgG\/30mAEChidRPK3c6m5FVjAbmN79Dv7Odh8U1YWyw9zhCVK2QjnLwIZQeDHThq8pDL8OhwQJeUNQT301kOqynS5mkt84TxWiKjbe6yCFr3WvNcAtpShMYfQdzpEtPHG4PlPB+42mYmB+o\/\/giMLiKGuBMd4Tli1Gw04jubi5gIUY+c92ndpjaviizKQHT9TeTV6B4g\/R8L5uJwWk="}
02664{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":330,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":12,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":5,"flow_first_seen":1646482646628933,"flow_src_last_pkt_time":1646482646648976,"flow_dst_last_pkt_time":1646482646669027,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":4944,"midstream":0,"thread_ts_usec":1646482646669027,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"2.17.141.128","src_port":42580,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Activision","proto_id":"91.258","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game","hostname":"www.activision.com","domainame":"www.activision.com","tls": {"version":"TLSv1.2","server_names":"www.benefitsforeveryworld.com,worldseriesofwarzone.com,treyarch.com,toysforbob.com,spyrothedragon.com,sledgehammergames.com,skylanders.com,sierragames.com,sekirothegame.com,ravensoftware.com,preview.demonware.net,infinityward.com,highmoonstudios.com,highmoon.com,guitarhero.com,europeanwarzoneseries.com,demonware.net,crashbandicoot.com,cdn.gh5.ps3.guitarhero.com,callofdutyleague.com,callofdutyendowment.org,callofdutyendowment.com,callofduty.com,benefitsforeveryworld.com,activisionretail.com,activisionblizzardmedia.com,activisionblizzard.com,activision.com,*.worldseriesofwarzone.com,*.treyarch.com,*.toysforbob.com,*.support.activision.com,*.spyrothedragon.com,*.sledgehammergames.com,*.skylanders.com,*.sierragames.com,*.sekirothegame.com,*.ravensoftware.com,*.infinityward.com,*.highmoonstudios.com,*.highmoon.com,*.guitarhero.com,*.europeanwarzoneseries.com,*.demonware.net,*.crashbandicoot.com,*.callofdutyleague.com,*.callofdutyendowment.org,*.callofdutyendowment.com,*.callofduty.com,*.activisionretail.com,*.activisionblizzardmedia.com,*.activisionblizzard.com,*.activision.com","ja3s":"35af4c8cd9495354f7d701ce8ad7fd2d","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","issuerDN":"C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA","subjectDN":"C=US, ST=California, L=Santa Monica, O=Activision Publishing, Inc., CN=activision.com","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","fingerprint":"F7:39:B4:E7:27:83:D4:55:8B:13:77:16:D5:8A:3E:77:FB:2A:4F:41","blocks":0}}}
00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":333,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":13,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482659915877,"flow_src_last_pkt_time":1646482659915877,"flow_dst_last_pkt_time":1646482659915877,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482659915877,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"146.75.62.167","src_port":46084,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":333,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":13,"flow_packet_id":1,"flow_src_last_pkt_time":1646482659915877,"flow_dst_last_pkt_time":1646482659915877,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482659915877,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8NwhAAEAGcJnAqAGAkks+p7QEAbuPD+ThAAAAAKAC+vAn\/AAAAgQFtAQCCAp9leqxAAAAAAEDAwc="}
00560{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":334,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":13,"flow_packet_id":2,"flow_src_last_pkt_time":1646482659915877,"flow_dst_last_pkt_time":1646482659944153,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482659944153,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8AABAADkGrqGSSz6nwKgBgAG7tAQzgGmMjw\/k4qAS\/\/\/dhgAAAgQFTAQCCAr4JbCIfZXqsQEDAwk="}
01244{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":335,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":13,"flow_packet_id":3,"flow_src_last_pkt_time":1646482659945895,"flow_dst_last_pkt_time":1646482659944153,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1646482659945895,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI5NwpAAEAGbprAqAGAkks+p7QEAbuPD+TiM4BpjYAYAfarGwAAAQEICn2V6s\/4JbCIFgMBAgABAAH8AwPVHsjDDxZ0MEuPnh4mVZQrYKtXYBQ9pfekL0WuWf4AwyAvTRXY5\/1xoex7GTddskZx0XzTM0eEKSDE8zjmPz09AAAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAASABAAAA1ncWwudHdpdGNoLnR2ABcAAP8BAAEAAAoADgAMAB0AFwAYABkBAAEBAAsAAgEAACMAAAAQAA4ADAJoMghodHRwLzEuMQAFAAUBAAAAAAAiAAoACAQDBQMGAwIDADMAawBpAB0AICTuPjjZ\/cozh9y3b4u57OZ+NqRixmrA1oX4LnqMFUIxABcAQQTtWijAm0UTGHfpz\/ha9z62jseAV4wQoU798kRZvjxGrgocjEiYQtFtFEOacmIDo8c6dP4orndC+2JQqffkv\/gjACsABQQDBAMDAA0AGAAWBAMFAwYDCAQIBQgGBAEFAQYBAgMCAQAtAAIBAQAcAAJAAQAVAIkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01211{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":335,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":13,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646482659915877,"flow_src_last_pkt_time":1646482659945895,"flow_dst_last_pkt_time":1646482659944153,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482659945895,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"146.75.62.167","src_port":46084,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Twitch","proto_id":"91.195","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":26,"category":"Video","hostname":"gql.twitch.tv","domainame":"gql.twitch.tv","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02378{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":336,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":13,"flow_packet_id":4,"flow_src_last_pkt_time":1646482659945895,"flow_dst_last_pkt_time":1646482659961974,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1406,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1406,"pkt_l4_len":1372,"thread_ts_usec":1646482659961974,"pkt":"PKn0qB\/spJGxgjQ5CABFAAVwplJAADkGAxuSSz6nwKgBgAG7tAQzgGmNjw\/m54AQAQmBCgAAAQEICvglsJt9lerPFgMDAHoCAAB2AwMXhU+5j8fj8+LmIWs1aEw5lqQ0ApW13JUWPxOTm94dDyAvTRXY5\/1xoex7GTddskZx0XzTM0eEKSDE8zjmPz09ABMBAAAuACsAAgMEADMAJAAdACBXK4b61ua7lKS\/1ZpbuOtg24kawskem73sfkgTpyJuaRQDAwABARcDAwAqrExco606bIAhPKmYs\/tTBvQ9iMN5wjJx0HY\/2RV3v6D\/pKxGGoGSWC8MFwMDERECIvZVI1cCeVYJRXHZiI\/EoXEwyeH\/4TXx6jiHxkbFZRh35SxjRknCgLM5o2KjZ0CKRNNvdxxnMCc4Ir\/RxqXl5pY7VEPq\/gLY78oUC+Pcl\/ZJpw2NXQYaQJ6IQzx5nQt5EUw65Wx+hj6nAA7lRU62BIxIfS05MiU9kojgNpqOMsyWXnKFRe\/Y3V4+DKCq\/vXB75nW9NNtO0JOhXiHmmv+P5TGudaVfAXYC3pSXTlodPwLFgHhIpaedzr4z7TBazUze7PrXDsJlf+JyU1MbNow2RqG0bMIfhwznwXPZX+gh25FGtjr3HoYsy4b+AdgvgimW8dKD\/NfWuadulxEfl4jsctPlIfpnBBqo4K2RcXZY58YlPR\/blOUKJJpTht3IEI5To0yPJM1Cy4jcSKpzTmov5jZLXGGF8jCocs0rjxCO3ZcBgnyYs6yxoYLc1ZTgJjbL3xpJt5Un6PIeKcWWWt9Cpfk1EYhzQR5Txyy40WcfUPrENIC63LYhbfcXcWlkKMts2BR15fXdHNvXlFP0RR9uWfY78baC1Hpg12go\/p4vKhkbxqClJXnlej\/YpfZi7MeXtS4G+I7hL3RIz9a7FuG4SFn4mCoExjw6yYU0LfucPkIfusN46omRq3P+v\/anNc\/mbq7d7wdt3TE3VfNDtdtpR6GFdPgheJ45rPRltEItKiP9DiuEux\/rFvp2EMoll8ABBMN+tdlXiTOPWeal\/sb\/k8BaIUNk582YO0Yd\/SduU+DKJ8LwtSnRel+t+vL+7matG0KvI2ZBRlc9ZYY2SWFT\/cWJgHMeUQ16vQIdN4cKBlmIf7QBAszEH\/83CQ1WW1YjPwo745rRoQwGDFg0rlzjtAn2UTHS6ZQU7giDRrQdZG5sDzTpaw3KBkf\/vwyepzLA\/Du5mH1Ipf05DC6JyhJ94ngmpu+jz7uzHPvfU2Gr6\/yCxL0NSrqfpUzmeK7NfdIahSZerwKpoG9Z3mo6xSn5NRMQZkQwh\/m\/0I07Zv+MQq8deQuzcRbrYVyMZPmcZiB3QNEwAP5E6fLK0Z5qMr6JkcJ+LK23rQkhrOqDAs9UhC2iJbHX8ZWQ\/NCLGfseAA1E9D5kP0Gxq47pDgWq+J2mM8YKAu\/4hUfYInEfXXe3n\/rBW80KDYi5cpu9VjD9AOAZaa6+6ERk\/mdAYXmuqNUC5iZk0VMQyXwWSs1W7HBvNgTSkGmiz+1yeIVQ4IganXS8mA8z\/Otj7WlaEmtwrkSaLU5n9hREECFDt4BQgxF2NkDruHYuvrwuHYJUqjslf1MAcZRLKKAE5Ot4J4VRfo2iEgCe8pzhM\/Rt\/vwye5RKqK9rAtgwIE1nTzoM68y+KGGQMczcIcPH6StCu50NctvOJfKDdhaABqmxT5yDvtysEaFE\/KNdcmvNOtAzMa9minm87kWIa3rXZ8jbE7afFDwkZvsXSQWxMoPoqTT1rFENuxB64YAJkfXEa5NnKjwQR7vcJLftu3mO\/479g9Z8G7zw7\/tgSupnEIS4kOZNQj3HdHXaXjqdH6RtF2Plj3XHQnBcDU="}
01256{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":336,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":13,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482659915877,"flow_src_last_pkt_time":1646482659945895,"flow_dst_last_pkt_time":1646482659961974,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1340,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1340,"midstream":0,"thread_ts_usec":1646482659961974,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"146.75.62.167","src_port":46084,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Twitch","proto_id":"91.195","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":26,"category":"Video","hostname":"gql.twitch.tv","domainame":"gql.twitch.tv","tls": {"version":"TLSv1.3","ja3s":"f4febc55ea12b31ae17cfb7e614afda8","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":337,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":14,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482686914106,"flow_src_last_pkt_time":1646482686914106,"flow_dst_last_pkt_time":1646482686914106,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482686914106,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"208.85.40.158","src_port":45936,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":337,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":14,"flow_packet_id":1,"flow_src_last_pkt_time":1646482686914106,"flow_dst_last_pkt_time":1646482686914106,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482686914106,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8RWlAAEAGOjfAqAGA0FUonrNwAFCsdkxQAAAAAKAC+vAqmQAAAgQFtAQCCArNau1nAAAAAAEDAwc="}
00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":338,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":14,"flow_packet_id":2,"flow_src_last_pkt_time":1646482686914106,"flow_dst_last_pkt_time":1646482687080565,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482687080565,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8\/\/dAAPAGz6fQVSiewKgBgABQs3Db1RKprHZMUaASOQif4AAAAgQFtAEDAwAEAggKWgQEFM1q7Wc="}
00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":339,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":15,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482724450800,"flow_src_last_pkt_time":1646482724450800,"flow_dst_last_pkt_time":1646482724450800,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482724450800,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"18.66.196.102","src_port":51806,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":339,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":15,"flow_packet_id":1,"flow_src_last_pkt_time":1646482724450800,"flow_dst_last_pkt_time":1646482724450800,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482724450800,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8sa9AAEAG8DvAqAGAEkLEZspeAbv+oP0DAAAAAKAC+vBIlQAAAgQFtAQCCAqQpxNDAAAAAAEDAwc="}
00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":340,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":15,"flow_packet_id":2,"flow_src_last_pkt_time":1646482724450800,"flow_dst_last_pkt_time":1646482724458587,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482724458587,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8e2QAAPYGsIYSQsRmwKgBgAG7yl4LcBoC\/qD9BKAS\/\/+NCwAAAgQFoAQCCAqOOgLQkKcTQwEDAwg="}
01244{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":341,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":15,"flow_packet_id":3,"flow_src_last_pkt_time":1646482724464401,"flow_dst_last_pkt_time":1646482724458587,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1646482724464401,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI5sbFAAEAG7jzAqAGAEkLEZspeAbv+oP0EC3AaA4AYAfbA9QAAAQEICpCnE1COOgLQFgMBAgABAAH8AwM6K+sImNx3dIej3yQBfsHlSQyH5l4F8hLKFYurrt+jPCCUv6qySiadEZg7Gj4\/vX5jrLg\/JYOIeoxWa\/ahTy7RDQAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAATABEAAA5zb3VuZGNsb3VkLmNvbQAXAAD\/AQABAAAKAA4ADAAdABcAGAAZAQABAQALAAIBAAAjAAAAEAAOAAwCaDIIaHR0cC8xLjEABQAFAQAAAAAAIgAKAAgEAwUDBgMCAwAzAGsAaQAdACDq1odYnjLE9YoHd\/igeLWhv14ukLQSyf98ZPyHkQn7OgAXAEEEKYWpJR9uHJSJZBwzi1pAC8cLX9iNXc5VMFPlSgV8HHXqYbwegIwyfo36+y7oUVZIFeBilQuBs9gLF4NzHajtKwArAAUEAwQDAwANABgAFgQDBQMGAwgECAUIBgQBBQEGAQIDAgEALQACAQEAHAACQAEAFQCIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01221{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":341,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":15,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646482724450800,"flow_src_last_pkt_time":1646482724464401,"flow_dst_last_pkt_time":1646482724458587,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482724464401,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"18.66.196.102","src_port":51806,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.SoundCloud","proto_id":"91.234","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":25,"category":"Music","hostname":"soundcloud.com","domainame":"soundcloud.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02488{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":342,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":15,"flow_packet_id":4,"flow_src_last_pkt_time":1646482724464401,"flow_dst_last_pkt_time":1646482724472137,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1494,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1494,"pkt_l4_len":1460,"thread_ts_usec":1646482724472137,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXIe2cAAPYGqvcSQsRmwKgBgAG7yl4LcBoD\/qD\/CYAQAQV0hQAAAQEICo46At+QpxNQFgMDAHoCAAB2AwMpKPyVs6e3zfQcSbCgU1oPNtNqgbyYwl2hcCOgAM4oyiCUv6qySiadEZg7Gj4\/vX5jrLg\/JYOIeoxWa\/ahTy7RDRMBAAAuACsAAgMEADMAJAAdACDgxP9iQxCvSLWFu0jblz700ELRHbAHNOJQi+PLEW3dGRQDAwABARcDAwAk0YxZcrDzBMJ9T2jLmHAfvkG2kRiZYyygT682dQ8Ku5OnFj73FwMDEL3W+YwhZbSQ9wTfTQZ4OCn0G7d5Dhn6ETJZMcynItKgXUq5jk0t0YnhBkjCUMoNcwqRY2n4C9\/Zh0ZhumDIzb8iV93r7Pc\/+NaIk+JCXg65aqj5sCWEPrtNQ+6L6mJfEkSLO6k4NErBgfl+zCtqNddFbvHn0fxnMUOVFlWdyJ3z83tKw\/R6491FMgIDcrQDV04NXo6+2SjxlGNtv05X92MIxsZef\/R\/qF4FbjcoswNUFg3uLoWvEjPRMdrGtQf5AAjeSTNVkJrq3JNYZaWVsDP0BE05JUqGZuZMyrwe6cjW3zmOn14ov6Z9x1WdKWS19m12LMwwpsWS+lauTY1gRP4Z+DKOKnTw0ZZBQyceCWdkbpxL6nqpVDkTDnYqLlRuSuH0RsS08f2lNu15EReKchkG6ZuC2QgvHfSDVQmMZr3A6SVJGVDE960IsX+R6c0NFyxx4CEKWEk\/O5lgjDV3ftPpOAO9bRTz5K07yU4RUMuAEJJId8qAwOufaI8X7xlT8sBANgCtgZlZ7bSCOn0zXEkIMumBiqi1VUqG5d11srYcFasAFUp9713SxD6Uke0\/NtYfUjIvICxpQaZ07Y3DS4A\/oG8QYsprreB8t87bh8bpdNDPR35Kbnu7JoGcXSgerY+rtK54lN+S8yUJSD3brf5OyDEt\/3dcKXQjCd+M\/xgLxSoA6TJo65stJfAhPvRzmIRxmIV+SRvsA0sRRQ0APq2Aeg0p5VV7in\/vZrqq+sz15yQNZMI\/ZumLE\/1f7dmTpFa8vfWmfkSTAi6i6OWrhhVOU5p8rJAT6gBS9bnwD7SkxsJzyAsBj5Z0gB3nNdaq+CToyOPCp85FZVBSdhYv\/gnYl60VMEk+HYRa\/ifHXQ9SKfBs1EpSKifKi9fbcrkuVBnXJisGPc0Fz7GCqQxxqe6GduiBhj9oSLleMiP8XMszRqQSUtB0n0VkegIQE66s+kAwyepnuqlNcHfAY84dunqTDqVwlG4kEQGufymR1QZQcm5AIMtLAm8PtjoeqMJk2YLmHjJ0Sf+ZkuTtMi3dRuYO1O2nAfvMV\/+eQ1PW6Unvaulw8ru5YqECp4xrUtLiEUhW5TrjlQwVIUg+EIVcu5hTqsrvXvMcpT1nqIEJfty\/qzmMOkHCn1zCF0FMwlkPr9Y1GaSMQOgRHniGlc68VOBaNck8OWyEEUCmQ1wa9Z93zZBImm+lVha03tbKDdR79iY382829E\/dXsPEcaunx03Bf6mOOk4\/9yery+deGWbiUfgkvdKuAt\/ysHjV7yBS3C6QGIaojAXktb02KcrjTBNx\/JUPP+\/\/uLaXQJ7W\/eDtc1aU\/ofSQQ1a0pFKdCkUSqNfHC4c+vTgn97gYXEoIDcMcxmcmqGYxEMohO9S+nT47sDmQd1K5W3ARKhiA3sij469\/xwPKMYQmHMAKWj1CP2xtxvRLp85oZUZ9ph4DQOYkaq6r2pPe1UDsrURTzVsaiJmB5k5tGd5Pe4LEk4KCeuifgNqZzKSr+0aSKKiA2l7\/Sp0mhYb9d372IKAMHq5jM6O5Zm8l\/6pr7dOzYLN+s8ZSzHGdcMM4VxxBzUQzf9dSf2S5mBdA1JIC06vjaWrFuEz6tHmuJMKPCjYy7Z\/jPgNptonNJ477pjlo6tTKTA8RTrRvEWLuh0fazS+Rvo7MlYD"}
01266{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":342,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":15,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482724450800,"flow_src_last_pkt_time":1646482724464401,"flow_dst_last_pkt_time":1646482724472137,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1428,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1428,"midstream":0,"thread_ts_usec":1646482724472137,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"18.66.196.102","src_port":51806,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.SoundCloud","proto_id":"91.234","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":25,"category":"Music","hostname":"soundcloud.com","domainame":"soundcloud.com","tls": {"version":"TLSv1.3","ja3s":"f4febc55ea12b31ae17cfb7e614afda8","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00774{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":343,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":16,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482753482315,"flow_src_last_pkt_time":1646482753482315,"flow_dst_last_pkt_time":1646482753482315,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482753482315,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"23.1.66.79","src_port":48140,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":343,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":16,"flow_packet_id":1,"flow_src_last_pkt_time":1646482753482315,"flow_dst_last_pkt_time":1646482753482315,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482753482315,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8SaBAAEAG1aPAqAGAFwFCT7wMAbtaGHg4AAAAAKAC+vA\/9AAAAgQFtAQCCAr10Gu5AAAAAAEDAwc="}
00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":344,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":16,"flow_packet_id":2,"flow_src_last_pkt_time":1646482753482315,"flow_dst_last_pkt_time":1646482753504024,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482753504024,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8AABAADkGJkQXAUJPwKgBgAG7vAwZG5KKWhh4OaAS\/ogYMwAAAgQFtAQCCApuzQml9dBruQEDAwc="}
01244{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":345,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":16,"flow_packet_id":3,"flow_src_last_pkt_time":1646482753507544,"flow_dst_last_pkt_time":1646482753504024,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1646482753507544,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI5SaJAAEAG06TAqAGAFwFCT7wMAbtaGHg5GRuSi4AYAfZqJAAAAQEICvXQa9NuzQmlFgMBAgABAAH8AwOUyHhinsfe9G2IXNgY9L7xAzZ+DjB199btap4Cw89cViDuti6QLvXTxzS8GPAI\/LqrruRicKAVDOLPOdfZnGvHHQAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAAQAA4AAAtjZG4uY25uLmNvbQAXAAD\/AQABAAAKAA4ADAAdABcAGAAZAQABAQALAAIBAAAjAAAAEAAOAAwCaDIIaHR0cC8xLjEABQAFAQAAAAAAIgAKAAgEAwUDBgMCAwAzAGsAaQAdACCyATmKdF69bnRwMVBRd98tu612XdMkfb0+p4HzFN6fBwAXAEEE+SEvSVfUiTeIP8IKKsjphsMZuVwTWztloapho\/r89Lhgv68xO7BDbwW8nmN\/dVf8z\/v3pQVdFakWyi7cuNIpiwArAAUEAwQDAwANABgAFgQDBQMGAwgECAUIBgQBBQEGAQIDAgEALQACAQEAHAACQAEAFQCLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01199{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":345,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":16,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646482753482315,"flow_src_last_pkt_time":1646482753507544,"flow_dst_last_pkt_time":1646482753504024,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482753507544,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"23.1.66.79","src_port":48140,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.CNN","proto_id":"91.180","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"cdn.cnn.com","domainame":"cdn.cnn.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":346,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":16,"flow_packet_id":4,"flow_src_last_pkt_time":1646482753507544,"flow_dst_last_pkt_time":1646482753526341,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646482753526341,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcqy5AADkGdXUXAUJPwKgBgAG7vAwZG5KLWhh6PoAQAfrUUQAAAQEICm7NCb710GvTFgMDAHoCAAB2AwMtELqVoM\/mfusUlOC2G51WdvJI4PR9JQSsEne1FzCFpiDuti6QLvXTxzS8GPAI\/LqrruRicKAVDOLPOdfZnGvHHRMCAAAuACsAAgMEADMAJAAdACAMQOAmSslfiCXikKsKApYMmSSlt7yCWobEIBvUlOejNRQDAwABARcDAwAu4DLCDDP1zoo32vpNDY+QgLMOEQU9zY8LcQaPU15zF6hqlC\/LNjIbfPJYzN6t7BcDAxSlnjhb6n+pLks2VVtJP460ZAyw8Bl1OmTdwGu2wo2uxEHkwqe33ZCoWCu4Sm5+AA\/lWfvt+ZWkOcPbUc5uYE8vL\/zDbBPNHU4+Eg+zakC7YT2ofcCUrQRfPlbPGUzXmVNXrXNdVkZrgFC4IX7zu1bWuhmJ9AH7dBAkmF8X3gAu4MQGdTId4SXc+MPgiyr88Ot7\/WhiDydQqj9XpVgP+F4quMRR9\/BKkk3DpI9W00QRT2INOIE1S49K0quPIhuvHfTgXlbkbwlfeH+ZZctXZ7DNsi9+fkWIGCfVVB6nOy18S\/NuHFMKyrn1L6KpSgIbEUkZ+mi\/ErFsTYuayoj7+xh05N3B8O6TBmgZp42iAwDy3K5njcJ+h9R\/O+4bj1AsPSym9NJn\/cGAMCpE6UPPv8Ro7nmrZNvk0hvRb8fshN92eohk42AUoj9oQpnVhKev1982wP8K2mqq4OqsFgVlK7XFf1EyzdgdByRTERMljTHIQ1HsrRQbbMMDt53P17+v2IzwtZJRyS+Uzj9fkK3LCn8Nf8Q5WR\/\/vbKZhKG2zqs+0noJv3XfAf75WbabtCUSk\/PRJbIPO8FmtvyDACnC700eTLcqT\/sg+xPlItYB6m0JVx+OCs1w9ZK\/2\/WoeWmC25Imfzk0EpfPuYQ3rmh1BHyzpmDqcvpY72VBAX2aL4yJL4cA7d62M5gOOqCwQbjDPiFJetMBiYsZ8j4ymjHbVfMYWddyE1TVDscvY638bBaw4Y2jl+Rz6R2X4h1cvLBxQVyApPyzrvKNvsuEu1NmZRRHTXr15WVlcQOovVo5xZ4hnFz2ch\/sk\/NZ\/zlkMVGGwiYZOOUc4i7DfKJu08HqO27LWlQOeRwGlvjxok8vlKvbTK9ZLzjZYOTq947V\/5oEKonyeFr\/1ElMdE+Oj7uOAV6fWp3XD6YiEEE+\/TAiuakwEz6LLb05h2XgWDItlPLhPiix7JYw2J9gWxXo8hYQYODQGvnV3MWaEtRT4n14XwM5+zB+ttvQJq3GL3b0sIQrR+12JFWnEwUjK26PlJhpSORXka\/WnbO7Tz0s71A\/5xRrUlY+GXRfZJR37RLwixU3eBBXrzm8u+0jzUXDt0j7aqVn3wV\/6rDnMzjqQAocgK3ImA7E4UCN7yCnWKy39PuNrJ0pLEjccqMCQwRX3NLBL810NlxSFsld\/kohp932kseEFr5nPNHDHifHxylHl5Nej9C4JYXu95YXh+owYS6MsZsMVuQbzfaIIDO53H50voFRaE\/3gTWW0+CbPc6hrpszkVtqutsyOEEMScqapd03Y4p\/WRuIxUc2D89aKgf3d+28LqgFHLYvN7zML2ageMxxeGpKPfS4nwEtZkNLp0wftvcYt1cBBlYywgMOnroNUDXz8QPiNKaoquh8u8y5v+5JMtV0BK+GGHWB33XGRg2TPMle27g5avLv2xS0jTnSeQMETrnxwnPYJG5kWLb14u6EIMrXd6B7VdbWaa\/KQXBoOqwjM1CIuyrWKrqQtrWxb0vxkynNtXqQNCr32FptQg1BHeyaaC5sAg+Gn5TeaOoTGUbV3PI2To7vxtif80pzEH96vXhipAp23s1hzJgr+OzTn0pDz\/I2SmvZCU05CykAvgsHuHx2qUsEaXEmsSxz\/9XE+Ekhqi+IsF3MxbuDX0d+qgFcT60QupWGlkllU58="}
01244{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":346,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":16,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482753482315,"flow_src_last_pkt_time":1646482753507544,"flow_dst_last_pkt_time":1646482753526341,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1646482753526341,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"23.1.66.79","src_port":48140,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.CNN","proto_id":"91.180","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"cdn.cnn.com","domainame":"cdn.cnn.com","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00775{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":347,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":17,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482759960442,"flow_src_last_pkt_time":1646482759960442,"flow_dst_last_pkt_time":1646482759960442,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482759960442,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"2.17.141.49","src_port":40832,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":347,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":17,"flow_packet_id":1,"flow_src_last_pkt_time":1646482759960442,"flow_dst_last_pkt_time":1646482759960442,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482759960442,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8N8NAAEAGsY7AqAGAAhGNMZ+AAbsz0CpkAAAAAKAC+vAbqAAAAgQFtAQCCApTrIzgAAAAAAEDAwc="}
00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":348,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":17,"flow_packet_id":2,"flow_src_last_pkt_time":1646482759960442,"flow_dst_last_pkt_time":1646482759979922,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482759979922,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8AABAADgG8VECEY0xwKgBgAG7n4Axx0rTM9AqZaAS\/ogIXwAAAgQFtAQCCAq1xN1AU6yM4AEDAwc="}
01245{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":349,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":17,"flow_packet_id":3,"flow_src_last_pkt_time":1646482759982731,"flow_dst_last_pkt_time":1646482759979922,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1646482759982731,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI5N8VAAEAGr4\/AqAGAAhGNMZ+AAbsz0CplMcdK1IAYAfb4fgAAAQEIClOsjPe1xN1AFgMBAgABAAH8AwO90p\/YrOJd\/Z4tss7jqktThIJxJIB3e+qrLLFobtKKlyAX6YhgDO5LSOYTxZN2IGu+QsQ1WdlQy7VgjD2lE+VvBgAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAARAA8AAAx3d3cuZWJheS5jb20AFwAA\/wEAAQAACgAOAAwAHQAXABgAGQEAAQEACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAACIACgAIBAMFAwYDAgMAMwBrAGkAHQAgf8Mv24G6SSqxNEfrqm7W\/bejLWA6OGSZmHTWefPpxiwAFwBBBD+GtRBdEP9fCUeld\/IGhJTQe0q9+sY1uU3D5mNCoqM6EROqE0XBEIsVt1XPe0XwL5d6JRvhBZsY2OXTwlPA9KoAKwAFBAMEAwMADQAYABYEAwUDBgMIBAgFCAYEAQUBBgECAwIBAC0AAgEBABwAAkABABUAigAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01209{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":349,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":17,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646482759960442,"flow_src_last_pkt_time":1646482759982731,"flow_dst_last_pkt_time":1646482759979922,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482759982731,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"2.17.141.49","src_port":40832,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.eBay","proto_id":"91.179","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":27,"category":"Shopping","hostname":"www.ebay.com","domainame":"www.ebay.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02511{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":350,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":17,"flow_packet_id":4,"flow_src_last_pkt_time":1646482759982731,"flow_dst_last_pkt_time":1646482760002525,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646482760002525,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcuS5AADgGMoMCEY0xwKgBgAG7n4Axx0rUM9AsaoAQAfqTWgAAAQEICrXE3VdTrIz3FgMDAHoCAAB2AwP4eNz\/n8cCZry+ixJO83AQZCZ84GkG5fx8Y\/DYNS0zqiAX6YhgDO5LSOYTxZN2IGu+QsQ1WdlQy7VgjD2lE+VvBhMCAAAuACsAAgMEADMAJAAdACDCgAbnVEyzVgGI2GLj7QnsAr4k6GrO4d+u+gLgppnKRhQDAwABARcDAwAuXcRaS7EMPvvI8Bi5+1VRQVP+aN2IhSF01R\/ufbCE63OvJFtaIdcRQNe8GKgNsxcDAxJxBUDzHPBV2nbiXj67AyxJcSX3xvCRTrizxUacFAONLacwPCgC8q9QY44SMCOLoVEjkWNszY7wh22xgHoAJYtP3drvZWZNUpU\/lluQ5cANfo+wjGMVPslEonnAicb+MLlTfhSNxpRw+RKqvH25UyKyiM5ryerZDsxFOUUjmhitTw6geEy+etATAIDd0VQBJqh2aCKYum8vModwo\/TVetVoTXM7duql5dl52xVFkDW0SmQZQ9VQNxTi67IujgWSciMudmaJeWMJyvZoEtCxmC8ThEnOSmk0Nf2tGE4wog8jjrJ3IXAOKq\/moyfPl+8lXvGiGY44WmDwnzFaVXNjN6RiE0P5rXfwgPUk3X6yQSwXRpZ+LKNcgJI8VNVqF7Dal1vIB\/xP6\/Xullv686yEuHetqgJyMFzbt+AVvJSbSShYAva\/s+oaWzS2gJAL98i47g\/HIRQP9RCvJja7q\/7M8X+Gh2sXg3EJlz6QRBwSaMDZyP5WqCMXyehhSTE3NwOIPs1m7i5bsf+hKoKyVWcNYQjFAWJE9O7oVlv1lFN8sjxPJyUuTexnbTe4d9X+xywL0nbC9qwueKbKlDbyZazcPgZAmnYeDaNlLUVdT4M3qten86Q9eVAaa9n7d\/wmJnrcu+ZJFpo+k3kaj6iZ7JFoZgHUFAtMr6FPWryt0BfK0gvkusNFNKEOuqB5qE2Cdr0GQ7vpuQMdfPQhRe6KQBUywepPiU\/lcM4erSEGzwffxoKlx6g3W9ygHzQAB+eeUDuAxrJvbCOaBi8lwlWVC\/EEZtQvSwV0z7\/nadsG8T7nhaZ0fVUELum7N\/BWmVrUlJx3imZ2yHVlkflCMtYSgpkn8vA+H+j9RtqwwCw+RIk3CwTDLYTX2tplK3MLQ1KLT1V6C7Az9JEp9RfaC3NL0nHh1P753EDdbzB12hqy3quab3lhN96fKHXk\/HrRdxAhNhZN+gv7dDnyKpxjufS1fcfZgOUM4cpIYTf7BQFjNz0w+rQxXB0v2d55jpGK6GLSO\/kqezJgcBKlv8XJyAhu23kpXOjWcO+ekergwhg\/6jD47XEgGbClpFjmjhgAHJb1O8KjpxAhRXG86qwVWktU3MZZOugVOFEvhENZ4Z0dQcFpPE\/1Q5Wc62yaiGT\/cDQuLi7KefvBq8wpJGVIFUObuKrhVTRGORmQ\/hwX8m2Map1UwjyjzTRDADoQ5qCZ8NV0G7giKbdx9\/4MSk9g3ewBcXEZQWvDKnlxg4Mgwe44noAq4mm2HhmBXPR3PKJYp+ltK2a3a9CbU7FIEopfzAQG1gAMp\/hr5jlS9w68POJO1iSr0R68olhW3BuZXX\/3Art3DPdsVVPrk1U6mYOPVIr6XEZ2ccsx+4C7proBN1nhXjgZDUkxMgKEFYF7SIoyxc91JhF+dXfbyIlRUVIQGLddEMgFsUq8qlzovVUjcYk7NgtCuaATKnD44qeTEzDmrr6Jzwho1JfhlESpB8J0v+e5xqEzCZAs0gX179nqGncTZjZuFMdBtJydpot2DaeAYjLywd4OgtvnWwG7CiXyGr6hB2Ylq\/NDz\/ua4On5isYreE8iCOlfMR3tZ6h4FiXAve+mmjqyJKFdyjFSRCVlAIsrPt27xSy1LnHVjYdN0qqLLPeIV\/GkG35byV5GVMvnsBK8dgiuiBzX46N1mRwcQYAG\/ek="}
01254{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":350,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":17,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482759960442,"flow_src_last_pkt_time":1646482759982731,"flow_dst_last_pkt_time":1646482760002525,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1646482760002525,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"2.17.141.49","src_port":40832,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.eBay","proto_id":"91.179","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":27,"category":"Shopping","hostname":"www.ebay.com","domainame":"www.ebay.com","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":351,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":18,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482772264409,"flow_src_last_pkt_time":1646482772264409,"flow_dst_last_pkt_time":1646482772264409,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482772264409,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"185.125.190.21","src_port":42884,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":351,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":18,"flow_packet_id":1,"flow_src_last_pkt_time":1646482772264409,"flow_dst_last_pkt_time":1646482772264409,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482772264409,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8SfdAAEAGtwnAqAGAuX2+FaeEAbviQ3M+AAAAAKAC+vAD2AAAAgQFtAQCCAo3btlLAAAAAAEDAwc="}
00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":352,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":18,"flow_packet_id":2,"flow_src_last_pkt_time":1646482772264409,"flow_dst_last_pkt_time":1646482772292707,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482772292707,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8AABAADcGCgG5fb4VwKgBgAG7p4RVAzgX4kNzP6AS\/ogvJwAAAgQFtAQCCAoh0SIcN27ZSwEDAwc="}
01243{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":353,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":18,"flow_packet_id":3,"flow_src_last_pkt_time":1646482772294676,"flow_dst_last_pkt_time":1646482772292707,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1646482772294676,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI5SflAAEAGtQrAqAGAuX2+FaeEAbviQ3M\/VQM4GIAYAfaY1QAAAQEICjdu2Woh0SIcFgMBAgABAAH8AwMB8bRCQdqcx9fui+mF7VjuHN5SBb79arjGU4qYGthMOSBbTABCg135wJeFEPl+a8Oxzav9AsC9J9+l+IIaNAxYkQAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAAWABQAABFhc3NldHMudWJ1bnR1LmNvbQAXAAD\/AQABAAAKAA4ADAAdABcAGAAZAQABAQALAAIBAAAjAAAAEAAOAAwCaDIIaHR0cC8xLjEABQAFAQAAAAAAIgAKAAgEAwUDBgMCAwAzAGsAaQAdACCezVQBlUDf2SIx8m1xehLWY9pQKyvfH068Wwzre\/JcNwAXAEEEo09VNt2RkHEqlhHBw1nk6JbOlFIOJqgyxElu\/vwC+3XCJEwr43v+9rwXwcTyZXa+qtiIur9f6O0kVe2u0AJzEQArAAUEAwQDAwANABgAFgQDBQMGAwgECAUIBgQBBQEGAQIDAgEALQACAQEAHAACQAEAFQCFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01234{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":353,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":18,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646482772264409,"flow_src_last_pkt_time":1646482772294676,"flow_dst_last_pkt_time":1646482772292707,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482772294676,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"185.125.190.21","src_port":42884,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.UbuntuONE","proto_id":"91.169","proto_by_ip":"UbuntuONE","proto_by_ip_id":169,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud","hostname":"assets.ubuntu.com","domainame":"assets.ubuntu.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02518{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":354,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":18,"flow_packet_id":4,"flow_src_last_pkt_time":1646482772294676,"flow_dst_last_pkt_time":1646482772325972,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646482772325972,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcl1VAADcGbQu5fb4VwKgBgAG7p4RVAzgY4kN1RIAQAfqM8gAAAQEICiHRIjw3btlqFgMDAHoCAAB2AwMwCvUuCIWBUL4Egb6PucjL+mo\/4er\/DaMyEZnp0AgJzSBbTABCg135wJeFEPl+a8Oxzav9AsC9J9+l+IIaNAxYkRMCAAAuACsAAgMEADMAJAAdACBNFZtVLV8hmIJAgqmU+hARl8WcMPaYtPUJ82FSikZePxQDAwABARcDAwAkxNO8ZCwzrzrU2+7GS4O1EgbIWG9LHL0BgNdkYFZf7JCXbXGZFwMDD9FBBEQR74PWlWHEW1KizWo6l\/YnIqeJ2jVNTbuoelR6GJFjP7gqcqQcORDapuRmRoyB36S8EbRMVGEpdm8R8CYIB+obALrFyuko\/\/at7BUhlI5m7yzz9Vx4z6gqsuLktUpXLnJg4h2CF7tMUhWy2UO15j1L0b0i\/3R2k5TCYNGDDMO1dmaSiQx\/nrSxORtYKGnsSS4TsMIOBqhPTSnPbrJ6FTpKJBuNWc5MVTkrW6eJeQL7kcJYez610\/ZUGqgqKMl0z4UfYiUgMyfOZN1TdTHLG6\/i0eDVorBN3MafS+GZMLjiAn6dON1hJEbR\/pyAZfpNfS\/9q1ITPosOZBIsyDA+yL390cjMqareBDkpJL2aiyJcaIGpzdrD+O\/f+Dd3Bamvaf2r6kKNjOfeqHisnTdmm2tFHqMk3rdkUTYTo8VUTZRtI9tTXQ8frRWB4W7xyhrO1\/lr7OY\/A4o4qOQLiuIF6XLD56BKlcWfraA1vO5ceoTmp6BBK0\/lyDL2vlnxRFbjGuEQTU9froetQsnMwlDuZqDt80crFS0sjpgVOMCAg9bg77mK9djub32OAZvlNUc3EOzQ3Ne4p6rDGST8W9iBbmFvnSvd\/hU9nMxe3w2pgVLTsJlBk4lFg22URiF07nX0KJqXqRqK3GbzFM52wjdqHb2FHpL6\/yyMkkk2j5stR85+utSElobChqB7eJApB4zv5VEplZlkBBG\/L\/ZxS6cR5sLmb7AHSOLkrv\/W0jZWBk2Ax1cjJdXUbwfsMwmKZ6dW4TLQ9mXcIVD5Im0HNuTJFSVPrdo\/2zjVEhzFBCYbCQKsJmBf\/VSeC\/y0DIsogFXWihwFmyQSsG0DIaDd+71YXtghhddvaYS6xQsa13BDgbxsec6+uEy7zfIVbRP7KYcDoco0YAtuAbUhp9A0+sX0d0tAtOsh7DE99muxuBAraVpqWxDvUPk9OpiA7reiTl6KadrBwjebBWftJxPM\/meRmF\/D46RJoF0cEyBNSzCvj4+nKGUnBgLisGnJVqZHUWp7WcBQG+BMWZthjPNdx6ihJ+AuOL\/+exqMTVUuwW33WM0KCCv39vS4flPq83p2510Bid8TJslCq\/3odrkvdVXxT8Ev5BI2yHAOUgWQZtP\/jgcwDcvxohb4mrZog\/g+nqfzpdGyDwhiVjG8mbCtzuTK3sm\/SnEpQf55wQh3fQ1jWB\/pp1DgdFw2xe2x2FAdfJPezo4bA4yRorZwMsSHL3A6z+TbvltVAn84w10vpqRrCuAbqT3M98SQD+m9H2y+Uj+D9CMnPU+v1QBwj+bMoDPDZO+\/PPjv9lMR3obgEn\/2Z0koNLEQb7hbCSF0QB0hYtzV9HEVDSQ4+9wYxVQoDcAlBlS\/KptgS9Q8eciUtl5lR1E6QV99r0fkCbTo8+ij8mRlPXwCobuvfURbSAfEQAddHpllLwaYUCrZGANAme7laVgdtIqdvL70\/+qZptoHQ9Jg5lbUSqfyxoAEH6Hv7XAYJ3Ut0XVjYKt0kbeVKmTqSh0CybEuPnC6DNY1dwJdwseEtYluQ1oeOCcNkBPNgrNZDwpZDKnDPQ9BbqGmv0NsD81iwSH6HUXLXoegJPD+\/N98byN5p27MAyymPZEUWB0CqcwILuZw83fPNGbWmM1GaLRtSLAPSiRhw4f7Nc+PdQeMGutkR3CpgFYfPSX+uRsU0bPOIGw="}
01279{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":354,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":18,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482772264409,"flow_src_last_pkt_time":1646482772294676,"flow_dst_last_pkt_time":1646482772325972,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1646482772325972,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"185.125.190.21","src_port":42884,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.UbuntuONE","proto_id":"91.169","proto_by_ip":"UbuntuONE","proto_by_ip_id":169,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud","hostname":"assets.ubuntu.com","domainame":"assets.ubuntu.com","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":355,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":19,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482791144413,"flow_src_last_pkt_time":1646482791144413,"flow_dst_last_pkt_time":1646482791144413,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482791144413,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"95.101.195.214","src_port":51432,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":355,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":19,"flow_packet_id":1,"flow_src_last_pkt_time":1646482791144413,"flow_dst_last_pkt_time":1646482791144413,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482791144413,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8FF5AAEAGQPrAqAGAX2XD1sjoAbs9AWSXAAAAAKAC+vBfJgAAAgQFtAQCCAoz72hZAAAAAAEDAwc="}
00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":356,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":19,"flow_packet_id":2,"flow_src_last_pkt_time":1646482791144413,"flow_dst_last_pkt_time":1646482791167258,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482791167258,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8AABAADMGYlhfZcPWwKgBgAG7yOhRyYQJPQFkmKAS\/ohadwAAAgQFtAQCCAoA0SpiM+9oWQEDAwc="}
01241{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":357,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":19,"flow_packet_id":3,"flow_src_last_pkt_time":1646482791170130,"flow_dst_last_pkt_time":1646482791167258,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1646482791170130,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI5FGBAAEAGPvvAqAGAX2XD1sjoAbs9AWSYUcmECoAYAfYkYQAAAQEICjPvaHMA0SpiFgMBAgABAAH8AwPkjLny33P+mExr32cMRl62\/8RJSZlKid1V05U+ySIWLCA+yoN1VMfFXakU81pmrArAv4PMFa74gV6zhhtZIkRahgAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAANAAsAAAhodWx1LmNvbQAXAAD\/AQABAAAKAA4ADAAdABcAGAAZAQABAQALAAIBAAAjAAAAEAAOAAwCaDIIaHR0cC8xLjEABQAFAQAAAAAAIgAKAAgEAwUDBgMCAwAzAGsAaQAdACATY1QXYS0qh7KvKliQF74PNyaFCqlZEZicpu9ccKADKQAXAEEEtcC0kqJMuUk4fNE8PcFvshva3wSMZbKQk5Gr6YxJX1t14RCVX0X4nJLqvHYB8ofAk7LBbtBWK6qUGB5XQIzcOQArAAUEAwQDAwANABgAFgQDBQMGAwgECAUIBgQBBQEGAQIDAgEALQACAQEAHAACQAEAFQCOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01204{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":357,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":19,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646482791144413,"flow_src_last_pkt_time":1646482791170130,"flow_dst_last_pkt_time":1646482791167258,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482791170130,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"95.101.195.214","src_port":51432,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Hulu","proto_id":"91.137","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"hulu.com","domainame":"hulu.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":358,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":19,"flow_packet_id":4,"flow_src_last_pkt_time":1646482791170130,"flow_dst_last_pkt_time":1646482791191818,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646482791191818,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcuNtAADMGo9xfZcPWwKgBgAG7yOhRyYQKPQFmnYAQAfouIwAAAQEICgDRKnwz72hzFgMDAHoCAAB2AwNKvD71o6ldv\/wfhnoctkUMQVOvBdL\/E538pqaDgOfuVSA+yoN1VMfFXakU81pmrArAv4PMFa74gV6zhhtZIkRahhMCAAAuACsAAgMEADMAJAAdACCyyuRTekSEiWRB0kCryf7fkyMQ7C8wFQctevnYnU\/wFBQDAwABARcDAwA0UU4SzG5kAazJz6oJmOMa4\/3cbc8An8Ax3vFpz+lLrfOsJSYY+jNTJOIlB+TSvMbFk1QBbxcDAxFVQsq3i22go95F2TH4hzyRL\/GaBx\/EhdzAbHQbZt7NNGyPWdpcv1kI9anvi2FlI9qqqPP7uC86f\/gdLFqNlPe3nJPqKsz7bxpgVS5pbAnShoqlKaEruVFI3neCFibkmTVDlEf8vM246WMlsX5ixYFtLwZ\/mvMPxtDHh2WzrJ+n7DQksnM47MMRCREyWN7ZrMRSGXd9QypHlUAZjMYu6WZvFU2YeUwMAR6clqPZLbwkI5hy88NeHQy6aYhbnjQlUiCH6kmJ59m9qkJVXniwyXopOb\/J7SXMeJJ2UAUQQP3u6S6S3GkBc4xDPE6Mc1bH6U66CnJG76FAz4bS2cZAXCKH5FtLjT2c5rWowhh1l3bHXhVeWKAk2cFc+p+Xz3e8gF3rv4gHpzbg4Msi5e6TrUOFaTe0PmZN+xS8quBwTwc49uGPA7g876JdQRHv1\/gZ7T9gwvAvELqdtRRXpAlNBta8\/oLpSEgivmQyOQwNcFoq75YZ55NYBhlApaxIoQbouDSirEWPaWx2TgVm+qv8XwyhPqX9zkbnxg0PCwSA3\/EKf7Ec09fXZsFXkLxaiRAz55M\/GMUtLGXQa31PFigZ7EN\/fCA00QCwwEF4FE1Kwh0Amlvdy6U7750rffzLKHom43504oZFsmRmykVUHpb+O7CnlMhNlzg7wgpuDV1ALe\/dmyr3GfnOD2VOoi7fjQyxeRqnirIh6d2HpDwh3uJPd+zBajHfKXdywY5uko1IWzsK7VwB\/0J\/ngGPk8gR2Xfx3Bd9GVKf3\/z8QjNLORZh53kW4G4Zs3w\/DrrxXKO37G3NuCNzrDVfsLpImAZDsvQjjtfrr\/yOi3x2G\/lTubHV5DvGgwgHi2B067UOiFZIkFOieH5sgvdLNCbfHzty3XKZDZ2\/nU8W0WEXjdVGiYmtUZg4xTpNqTbEm4swqVFqctFcf97+etpyAJRDWxl05HNb3RY2G3Dbxn+cRhLkhYU8QfSCkthkTZKAaGbPdSaNNa+elToVNPdFyujMnbJycAjnH0TKtTRgy7kcZBst3U6hmj1I\/HO90yvJhm4a4SnGKi12fc1bRwTY9nNMp\/ZcGcEmzutKggsy9TQp7sAxq1EUXnEtPtmCC1rOnrGhH\/SxH5nDnGn2Nnlowwh0GbCGlxfll94w39K1HeT9db+fJf6\/BfnnjyiGPRxVgV693fvsyTv5LviTo8wQ9+a4i1UVpJ1ZfZuST7cDFAE2eBOW7ollq\/xTu\/Xsv39Q098zVKvq4hDyqBBs9erd8GSXhLxDZasOqhH0C\/0lkKUQE+ezHN+HmLiBWneTeawsXlkYLDNbhRysBSEoJT1loyBx0vhFTdEdKhrz24mRcGOGOkCYP2eeHD\/GMbbEojKflwP+w5ED0RtHdBMHLu0ERNOadvL8Kk69t2ozzMFigio\/ImdE9zi4uRvOeGkishcSqiVSvdAywhejwcoSKSkjxzEmgLyzkYYHhJMLG+bO4JaDM+U7V13ZeVQIHosTp7vUTgscdOaR4yNXS4JqjNtcKv7DhfNp0F4Jw9bUk\/wbpu4qHHoMyJ0CLubJmIWRVMyKQH8PR5AJlupMCB7t4kcSWwTNVbbP52WPjFBgHVafIJldhk\/qlUudJwbjTHC00rd6aEJC8MFTEDha17tFm+o0bE3giKIR3X51xzpF2zJlGKw="}
01249{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":358,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":19,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482791144413,"flow_src_last_pkt_time":1646482791170130,"flow_dst_last_pkt_time":1646482791191818,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1646482791191818,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"95.101.195.214","src_port":51432,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Hulu","proto_id":"91.137","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"hulu.com","domainame":"hulu.com","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":359,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":20,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482801387341,"flow_src_last_pkt_time":1646482801387341,"flow_dst_last_pkt_time":1646482801387341,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482801387341,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"34.96.123.111","src_port":44954,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":359,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":20,"flow_packet_id":1,"flow_src_last_pkt_time":1646482801387341,"flow_dst_last_pkt_time":1646482801387341,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482801387341,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8u7RAAEAGHxDAqAGAImB7b6+aAFDTrORQAAAAAKAC+vAeUwAAAgQFtAQCCAqmtsAlAAAAAAEDAwc="}
00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":360,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":20,"flow_packet_id":2,"flow_src_last_pkt_time":1646482801387341,"flow_dst_last_pkt_time":1646482801394699,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482801394699,"pkt":"PKn0qB\/spJGxgjQ5CABFgAA8tJQAAHkGLLAiYHtvwKgBgABQr5rfpgWE06zkUaAS\/\/9QBgAAAgQFlgQCCArcngeAprbAJQEDAwg="}
00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":361,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":21,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482802720593,"flow_src_last_pkt_time":1646482802720593,"flow_dst_last_pkt_time":1646482802720593,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482802720593,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"35.201.112.136","src_port":47122,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":361,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":21,"flow_packet_id":1,"flow_src_last_pkt_time":1646482802720593,"flow_dst_last_pkt_time":1646482802720593,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482802720593,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8g6pAAEAGYJjAqAGAI8lwiLgSAbvaEoGzAAAAAKAC+vAuRQAAAgQFtAQCCArAZPJXAAAAAAEDAwc="}
00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":362,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":21,"flow_packet_id":2,"flow_src_last_pkt_time":1646482802720593,"flow_dst_last_pkt_time":1646482802726853,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482802726853,"pkt":"PKn0qB\/spJGxgjQ5CABFgAA8b+kAAHkGetkjyXCIwKgBgAG7uBJNy0p52hKBtKAS\/\/9IWQAAAgQFlgQCCArHroD1wGTyVwEDAwg="}
01245{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":363,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":21,"flow_packet_id":3,"flow_src_last_pkt_time":1646482802732248,"flow_dst_last_pkt_time":1646482802726853,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1646482802732248,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI5g6xAAEAGXpnAqAGAI8lwiLgSAbvaEoG0TctKeoAYAfa\/ZwAAAQEICsBk8mLHroD1FgMBAgABAAH8AwM6s1cKgDvTG3LALyk7fAmvRJX9DNZN37XWMNl1\/SdHaCCUR56oKGM2UcODstsWkptKjiMgLAJPLuO56cI3NFuiCgAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAASABAAAA1rZXJ2ZS5sYXN0LmZtABcAAP8BAAEAAAoADgAMAB0AFwAYABkBAAEBAAsAAgEAACMAAAAQAA4ADAJoMghodHRwLzEuMQAFAAUBAAAAAAAiAAoACAQDBQMGAwIDADMAawBpAB0AIEXwFTh8NFdQPbVwjRz3qZyMML4Z+FJITLECgKzAH2YhABcAQQROHWQ9TZ\/FNyVoueylOLPpt31B2wF8YuKZg+41\/WG\/Ucaum9xuzZgJXugnVJqsHgtbN0plSfDPGhyRi1GNW\/CAACsABQQDBAMDAA0AGAAWBAMFAwYDCAQIBQgGBAEFAQYBAgMCAQAtAAIBAQAcAAJAAQAVAIkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01218{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":363,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":21,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646482802720593,"flow_src_last_pkt_time":1646482802732248,"flow_dst_last_pkt_time":1646482802726853,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482802732248,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"35.201.112.136","src_port":47122,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.LastFM","proto_id":"91.134","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":1,"breed":"Fun","category_id":25,"category":"Music","hostname":"kerve.last.fm","domainame":"kerve.last.fm","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02476{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":364,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":21,"flow_packet_id":4,"flow_src_last_pkt_time":1646482802732248,"flow_dst_last_pkt_time":1646482802742412,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1484,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1484,"pkt_l4_len":1450,"thread_ts_usec":1646482802742412,"pkt":"PKn0qB\/spJGxgjQ5CABFgAW+b\/AAAHkGdVAjyXCIwKgBgAG7uBJNy0p62hKDuYAQAQVJ4QAAAQEICseugQLAZPJiFgMDAHoCAAB2AwNf9wuxJk+v6LfOvwBJ+oeO0H2gHZreeYhWw\/9jNBLYfCCUR56oKGM2UcODstsWkptKjiMgLAJPLuO56cI3NFuiChMBAAAuADMAJAAdACBejmzKK8afi8yU2Y3RKJL+Iy9bmr2k74LeuNRrKKxDLQArAAIDBBQDAwABARcDAwzM1IxyACJzTueCgjmbZFqTLOOTUlt6z2vCHLZdfPBBb97w\/sLBBXnBuqxOqa+W6E19FJm\/BiX2Y1b1VBxS736oxTJ556POal9O3Hn6PN64Bvl06tZ2ra2\/X+u\/RV+uPcbq1P4Y+\/37W1GYJztBW3+48LkDdH+MgIkwFWVSQuPJ\/sVyadcmOZsomPZ+MxtxXa+Heaeajy0ZtLmQ2T021zPHoEJ4NlljumKTv2uu7UvQMnLb070RDaeDabJAmqAzNHGp8suHHVZ2zK3aDY9luXu3poEhboUqmyhihaHbPd0Kpw5I5I771iT7Tyk9CnXSicM07IxktYK1jbY3eQ0+kTJAzo0LixhWVIud58nKo0s1rk5yr8K5zQMsFAgJTvyjTcN3wQCzMIgcEh2LE3KDT6IwlI\/aAXb0vbiJAcAUOpmLP8N9MVcoifLNMtVbIYdlPFFxMI07RDdIsOxt\/m2v12PtASj6ntTVXon+dW7K1xVr6aRHo117Mo+POfZCuV8faSZBLQzSyCSH\/ld4eolVEDDzunt6re3bbPS\/XgE9JaewVK\/pmYOpdug9kjWtS1ON190ku3DKPPG1uzKeYvEvAORe0XM8pyNBBp3MhxymXowwGTRZTv9alCkrj5mBv1H\/EZ8uOvGRwjcBR72\/Rrih8tM15XFUQME6A4R0NjZE7g74SkC5Q+yXEbvBNJNDc+NqAX849LTNSdA+uiaeBeXwulOdkOlzOq5ehf2H1ls0fK4BiMpBR2gwZMfDzeD5VteQS\/34nEHXy2fOlN+nmo4Bw6LNNvQd7qfXpdIioFhcb4uRLHBs0craR81qHYiXjad\/Ydx2WRlShRNaIHajDQ5L2g1BR1nzm6WxJ9zzhODOhKRV0c2fiJYBPg4iCOVZBBf0\/tz3fDX7UAulWJjoMhaDZCnhqrQ7MHQvKldUxDTsebnomBcV7H4dW3\/uFLI2xycINZ+80+E4w4cu\/Z7eZgW4s+LaQc4k5svbXHiFD0sRnaSnp1rAyUQi8oHk0vZ2xgXDzQG6KsTOn2FGI3ZN4tJx37S7IQYYPc873f8Q7\/WijN896lDBwTVOTq95P8Wnp1kFZNQGODUzeK6duAhOA2VBC+PlSafANNxGZMgDzhwswfAssMPudYrIOG\/rmOX5X4W5UmISswpd7ymgMabgyEFOrxOwRtGlXtEExzesNoFgbjGAHmf8lChEWk7WJwVerrENnRRvWgG6yVaODQU7Tur\/QfhOkS0bjeMtfYy5xdJKf4t1VYHjxAitP5Ap\/5XerdSEkQCgSxnCxsHrZMD1KY6QIOaySQ3PZ7YAwIlfXq\/Gy2rWsxryjV50o5\/WNiCF6gGB\/a44127a+DygsDtu4E7g29wFkZapWK41Vi5Li3AX+2mjKCsDnu7ziQFw5czyo9SLxBCL2WbQmSEQVoN6Vrt3Ybz7vtZ4zTR9Qdg+LWCEyiAglMBy\/22sqIeImDyVY25sjoitHmrF0Mo2NSNci5sXVAl2z0iPq40WjMrqqA3McmwELb2ZP3Dq51uUhDtm+LpcXQgblJzA\/\/x0lTQS9GVa\/mj7yOJd1BYm0Zmkq6kguwvUCGKbpAg0LNTQteLZ2bL2ggtJDyE6OjjVy1J2vyGoGbDNH4ykLZbifKCWggCfwiPcKq2l8Jp98R8wmL9BypDs3xUCR\/URgvHARQuzU\/jWe6CpSQ\/P6WOUE28ynoPh6JwQb74="}
01263{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":364,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":21,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482802720593,"flow_src_last_pkt_time":1646482802732248,"flow_dst_last_pkt_time":1646482802742412,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1418,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1418,"midstream":0,"thread_ts_usec":1646482802742412,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"35.201.112.136","src_port":47122,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.LastFM","proto_id":"91.134","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":1,"breed":"Fun","category_id":25,"category":"Music","hostname":"kerve.last.fm","domainame":"kerve.last.fm","tls": {"version":"TLSv1.3","ja3s":"eb1d94daa7e0344597e756a1fb6e7054","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":365,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":22,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482825245035,"flow_src_last_pkt_time":1646482825245035,"flow_dst_last_pkt_time":1646482825245035,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482825245035,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"69.191.252.15","src_port":39036,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":365,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":22,"flow_packet_id":1,"flow_src_last_pkt_time":1646482825245035,"flow_dst_last_pkt_time":1646482825245035,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482825245035,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8fBNAAEAGurHAqAGARb\/8D5h8AFDXP+M5AAAAAKAC+vDCpAAAAgQFtAQCCArIaWrDAAAAAAEDAwc="}
00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":366,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":22,"flow_packet_id":2,"flow_src_last_pkt_time":1646482826257148,"flow_dst_last_pkt_time":1646482825245035,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482826257148,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8fBRAAEAGurDAqAGARb\/8D5h8AFDXP+M5AAAAAKAC+vC+sAAAAgQFtAQCCArIaW63AAAAAAEDAwc="}
00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":367,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":22,"flow_packet_id":3,"flow_src_last_pkt_time":1646482828277171,"flow_dst_last_pkt_time":1646482825245035,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482828277171,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8fBVAAEAGuq\/AqAGARb\/8D5h8AFDXP+M5AAAAAKAC+vC2zAAAAgQFtAQCCArIaXabAAAAAAEDAwc="}
00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":368,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":22,"flow_packet_id":4,"flow_src_last_pkt_time":1646482832369165,"flow_dst_last_pkt_time":1646482825245035,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482832369165,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8fBZAAEAGuq7AqAGARb\/8D5h8AFDXP+M5AAAAAKAC+vCm0AAAAgQFtAQCCArIaYaXAAAAAAEDAwc="}
00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":369,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":22,"flow_packet_id":5,"flow_src_last_pkt_time":1646482840561146,"flow_dst_last_pkt_time":1646482825245035,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482840561146,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8fBdAAEAGuq3AqAGARb\/8D5h8AFDXP+M5AAAAAKAC+vCG0AAAAgQFtAQCCArIaaaXAAAAAAEDAwc="}
00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":370,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":23,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482844787933,"flow_src_last_pkt_time":1646482844787933,"flow_dst_last_pkt_time":1646482844787933,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482844787933,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"151.101.193.73","src_port":43412,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":370,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":23,"flow_packet_id":1,"flow_src_last_pkt_time":1646482844787933,"flow_dst_last_pkt_time":1646482844787933,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482844787933,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8DedAAEAGEf7AqAGAl2XBSamUAbtMTKsLAAAAAKAC+vDPdgAAAgQFtAQCCApUsmtnAAAAAAEDAwc="}
00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":371,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":23,"flow_packet_id":2,"flow_src_last_pkt_time":1646482844787933,"flow_dst_last_pkt_time":1646482844795697,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482844795697,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8AABAADkGJuWXZcFJwKgBgAG7qZRSHsTXTEyrDKAS\/\/9OHAAAAgQFTAQCCAoo5zzDVLJrZwEDAwk="}
01244{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":372,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":23,"flow_packet_id":3,"flow_src_last_pkt_time":1646482844798597,"flow_dst_last_pkt_time":1646482844795697,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1646482844798597,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI5DelAAEAGD\/\/AqAGAl2XBSamUAbtMTKsMUh7E2IAYAfYA+gAAAQEIClSya3Io5zzDFgMBAgABAAH8AwORBDzSmJ5ztCo20SFZ11gW0AoQQ4sgaFZaA3Y+KP\/wXyDr7yv9lTOmWoS6i6wF3DRKGiQ0dwIiiuA6PbPxGRgIZwAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAAWABQAABF3d3cuYmxvb21iZXJnLmNvbQAXAAD\/AQABAAAKAA4ADAAdABcAGAAZAQABAQALAAIBAAAjAAAAEAAOAAwCaDIIaHR0cC8xLjEABQAFAQAAAAAAIgAKAAgEAwUDBgMCAwAzAGsAaQAdACDquIWld0x6v\/7S4zdZ49LOkRXJqmmpTXYEodSal6cCHwAXAEEEAIPYMeBzwG1ajydlfuoJM30LuOrUqddbx+YHyLZsEMUExIIuEeju0UTUsS5CFNGsqSGbD968lENk0xLpNURtmQArAAUEAwQDAwANABgAFgQDBQMGAwgECAUIBgQBBQEGAQIDAgEALQACAQEAHAACQAEAFQCFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01230{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":372,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":23,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646482844787933,"flow_src_last_pkt_time":1646482844798597,"flow_dst_last_pkt_time":1646482844795697,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482844798597,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"151.101.193.73","src_port":43412,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Bloomberg","proto_id":"91.246","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud","hostname":"www.bloomberg.com","domainame":"www.bloomberg.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02344{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":373,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":23,"flow_packet_id":4,"flow_src_last_pkt_time":1646482844798597,"flow_dst_last_pkt_time":1646482844815877,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1406,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1406,"pkt_l4_len":1372,"thread_ts_usec":1646482844815877,"pkt":"PKn0qB\/spJGxgjQ5CABFAAVwr+JAADkGcc6XZcFJwKgBgAG7qZRSHsTYTEytEYAQAQmRsQAAAQEICijnPNRUsmtyFgMDAFICAABOAwPdD7r0LgF4QnGJJ5JA5UFs5upfQpyNKNA9WqsCruvOowDALwAAJv8BAAEAAAAAAAALAAQDAAECACMAAAAFAAAAEAAFAAMCaDIAFwAAFgMDDgQLAA4AAA39AAk1MIIJMTCCCBmgAwIBAgIQAh\/cRrcoMqWz4nNNUEJxTTANBgkqhkiG9w0BAQsFADBPMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBEaWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMjAyMjIwMDAwMDBaFw0yMzAzMjQyMzU5NTlaMGYxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhOZXcgWW9yazERMA8GA1UEBxMITmV3IFlvcmsxFTATBgNVBAoTDEJsb29tYmVyZyBMUDEaMBgGA1UEAxMRd3d3LmJsb29tYmVyZy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmjg0JVDIEeEoDDjaXnXioD5El4v3owW07OpwAds+tDSDb79GUUVBS56G7fgegsC1DKYLLXqRvkypZitNiyX4KCg3EPQynKDWqp3FGkZ5+9iqNe\/r592zQRpq1P0wkUGmIJ0u7FwDu7qGbbuTVTvgkCYOrz0NwbZM2ku5\/76\/POH6vtHBJ49vvuLml9jGFbC2UcT8te2uBUiQ6liiYi5N76cp4anOyK\/OA9KVKlUs5ODB9UI2rTqcF9Am3fS\/2HyEa0QIzccwYg8GKgJGqie0XI5lqLiHj0J5FAn49BwJ6KHjx49+iqlHed4qMQQ4+dQCudtCQab17hcdpkVEkSxQfAgMBAAGjggXwMIIF7DAfBgNVHSMEGDAWgBS3a6LqqKqEjHnqtNoPmLLFlXa59DAdBgNVHQ4EFgQUVOW6ug3oUCXy1dsN3T4FCAXOTeAwggKXBgNVHREEggKOMIICioIRd3d3LmJsb29tYmVyZy5jb22CFGFwaS5idXNpbmVzc3dlZWsuY29tggthcGkuYndieC5pb4IOYXNzZXRzLmJ3YnguaW+CF2J5emFudGl1bS5ibG9vbWJlcmcuY29tghhjZG4tbW9iYXBpLmJsb29tYmVyZy5jb22CGGNkbi12aWRlb3MuYmxvb21iZXJnLmNvbYIRY2RuLmdvdHJhZmZpYy5uZXSCFGNoYXJ0cy5ibG9vbWJlcmcuY29tghRlbWJlZHMuYmxvb21iZXJnLmNvbYITZmFzdGx5LmJsb29tYmVyZy50doITZmVlZHMuYmxvb21iZXJnLmNvbYITZm9udHMuZ290cmFmZmljLm5ldIIWc3RhZ2luZy1hc3NldHMuYndieC5pb4IRbmF2LmJsb29tYmVyZy5jb22CF3Nwb25zb3JlZC5ibG9vbWJlcmcuY29tghdzcG90bGlnaHQuYmxvb21iZXJnLmNvbYIMdGljdG9jLnZpZGVvgg53d3cuYmJ0aGF0LmNvbYITd3d3LmJsb29tYmVyZy5jby5qcIIpd3d3LmJsb29tYmVyZy5jby5qcC5zaGFyZWQuYmxvb21iZXJnYS5jb22CJ3d3dy5ibG9vbWJlcmcuY29tLnNoYXJlZC5ibG9vbWJlcmdhLmNvbYIVd3d3LmJsb29tYmVyZ3ZpZXcuY29tgg93d3cuY2l0eWxhYi5jb22CJXd3dy5jaXR5bGFiLmNvbS5zaGFyZWQuYmxvb21iZXJnYS5jb22CE3d3dy5xdWlja3Q="}
01313{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":373,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":23,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482844787933,"flow_src_last_pkt_time":1646482844798597,"flow_dst_last_pkt_time":1646482844815877,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1340,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1340,"midstream":0,"thread_ts_usec":1646482844815877,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"151.101.193.73","src_port":43412,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Bloomberg","proto_id":"91.246","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud","hostname":"www.bloomberg.com","domainame":"www.bloomberg.com","tls": {"version":"TLSv1.2","ja3s":"16c0b3e6a7b8173c16d944cfeaeee9cf","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02350{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":374,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":23,"flow_packet_id":5,"flow_src_last_pkt_time":1646482844798597,"flow_dst_last_pkt_time":1646482844815927,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1406,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1406,"pkt_l4_len":1372,"thread_ts_usec":1646482844815927,"pkt":"PKn0qB\/spJGxgjQ5CABFAAVwr+NAADkGcc2XZcFJwKgBgAG7qZRSHsoUTEytEYAQAQkU1wAAAQEICijnPNRUsmtyYWtlLnZpZGVvghB3d3cudGljdG9jLnZpZGVvgh1jZG4tYXBpLmNtb2JpbGUuYmxvb21iZXJnLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGPBgNVHR8EgYcwgYQwQKA+oDyGOmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIwMjBDQTEtNC5jcmwwQKA+oDyGOmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIwMjBDQTEtNC5jcmwwPgYDVR0gBDcwNTAzBgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMH8GCCsGAQUFBwEBBHMwcTAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEkGCCsGAQUFBzAChj1odHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0ExLTEuY3J0MAkGA1UdEwQCMAAwggGABgorBgEEAdZ5AgQCBIIBcASCAWwBagB2AOg+0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1uAAABfyOoLawAAAQDAEcwRQIhAKS04h8Xa0C\/xl8o9fcEchgZ7LgujNxsiTfC3v3h8HzLAiAZ2OTGizV66JQtvC2uNRoeBZMyEFHZMGojtbKvLrMatgB3ADXPGRu\/sWxXvw+tTG1Cy7u2JyAmUeo\/4SrvqAPDO9ZMAAABfyOoLXwAAAQDAEgwRgIhAJzoJV3AXHa5A\/737Yh1cLnLasO2WklqOBN3irXRgF+CAiEA4aFZ4KcuFwRLyP+7OctTUMCwUGqdDnVtR7LZ6G3j7W0AdwCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAAAX8jqC2XAAAEAwBIMEYCIQCfpqhHkrQ23+\/QZHF3J2MQKIlFsIp\/jwK6mAUijDMMQQIhANN3Ti5QiyMbDBtWfZHNmvvqR79hQXk45KTYcI9ILHuOMA0GCSqGSIb3DQEBCwUAA4IBAQAaIrz0UG4uoXKa9ZVPxKmAdnUzCV0F9btVTcH3GQow0EH+Y2D2c4G89VcH\/sbltQE6qlRl\/47QirJiw1wStqk7EK1ZHm6fMWk647FjW\/X51gqduNVG6Sy8YuCwhIOHcXf0qp\/cUx8EdOhobHnYUkxs352KiX4hLJA8SZfPR57FvWXmOEnkV65k8mtQev\/ZigRUGFBQZEVCDzFCBq+n9g56Lm8\/EuvqctNf7Lu0nynPnpb6aA+VAZAoIJhVXjwxC4izLFeNZV0aI22ujFT+uxkQGO5j3l3Hcwu0w72i3zh7xVBMMiJDhaeyhEgR9gtoQ9AwrbqZa6ahgIZH0myDxBZbAATCMIIEvjCCA6agAwIBAgIQBtjZBNVYQ0b2ii+nVCJ+xDANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0yMTA0MTQwMDAwMDBaFw0zMTA0MTMyMzU5NTlaME8xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxKTA="}
02181{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":375,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":23,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":4,"flow_first_seen":1646482844787933,"flow_src_last_pkt_time":1646482844798597,"flow_dst_last_pkt_time":1646482844815943,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1340,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":4020,"midstream":0,"thread_ts_usec":1646482844815943,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"151.101.193.73","src_port":43412,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Bloomberg","proto_id":"91.246","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud","hostname":"www.bloomberg.com","domainame":"www.bloomberg.com","tls": {"version":"TLSv1.2","server_names":"www.bloomberg.com,api.businessweek.com,api.bwbx.io,assets.bwbx.io,byzantium.bloomberg.com,cdn-mobapi.bloomberg.com,cdn-videos.bloomberg.com,cdn.gotraffic.net,charts.bloomberg.com,embeds.bloomberg.com,fastly.bloomberg.tv,feeds.bloomberg.com,fonts.gotraffic.net,staging-assets.bwbx.io,nav.bloomberg.com,sponsored.bloomberg.com,spotlight.bloomberg.com,tictoc.video,www.bbthat.com,www.bloomberg.co.jp,www.bloomberg.co.jp.shared.bloomberga.com,www.bloomberg.com.shared.bloomberga.com,www.bloombergview.com,www.citylab.com,www.citylab.com.shared.bloomberga.com,www.quicktake.video,www.tictoc.video,cdn-api.cmobile.bloomberg.com","ja3s":"16c0b3e6a7b8173c16d944cfeaeee9cf","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","issuerDN":"C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1","subjectDN":"C=US, ST=New York, L=New York, O=Bloomberg LP, CN=www.bloomberg.com","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"TLSv1.3,TLSv1.2","fingerprint":"88:4A:85:34:1D:E6:C0:BE:5E:C6:14:BB:BA:94:A3:55:92:BA:95:82","blocks":0}}}
00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":379,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":24,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482845216543,"flow_src_last_pkt_time":1646482845216543,"flow_dst_last_pkt_time":1646482845216543,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482845216543,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"108.139.210.102","src_port":57014,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":379,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":24,"flow_packet_id":1,"flow_src_last_pkt_time":1646482845216543,"flow_dst_last_pkt_time":1646482845216543,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482845216543,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8ZOJAAEAG1L\/AqAGAbIvSZt62AbvYtDuvAAAAAKAC+vDuhAAAAgQFtAQCCAq3z7DKAAAAAAEDAwc="}
00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":380,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":24,"flow_packet_id":2,"flow_src_last_pkt_time":1646482845216543,"flow_dst_last_pkt_time":1646482845236185,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482845236185,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8MSYAAPgGkHtsi9JmwKgBgAG73rYdOl\/82LQ7sKAS\/\/9A+gAAAgQFoAQCCAoefQzKt8+wygEDAwg="}
01242{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":381,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":24,"flow_packet_id":3,"flow_src_last_pkt_time":1646482845241664,"flow_dst_last_pkt_time":1646482845236185,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1646482845241664,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI5ZORAAEAG0sDAqAGAbIvSZt62AbvYtDuwHTpf\/YAYAfbCEAAAAQEICrfPsOMefQzKFgMBAgABAAH8AwNDaq9+o2\/m1P9XaJsuL18rMu\/cbIc9LrPA5zUbsuvbziCdB7Y010YsAP9WvlmHthVAcmE9qTBtm04O9SpF9+K9iwAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAAhAB8AABxzb3VyY2Vwb2ludGNtcC5ibG9vbWJlcmcuY29tABcAAP8BAAEAAAoADgAMAB0AFwAYABkBAAEBAAsAAgEAACMAAAAQAA4ADAJoMghodHRwLzEuMQAFAAUBAAAAAAAiAAoACAQDBQMGAwIDADMAawBpAB0AIFWzj0ex9WIWXeCl2qveVdo+cRB1gHroBn+mOFydyRUDABcAQQTZ7Kd3Dh15jhsRvRpWp2w5A6ZrOrpRgthYeTOHm9lBNbC7SyMy7sz4nAvG5eX8+75Yb0V9pFtY29+UzxdUbzEpACsABQQDBAMDAA0AGAAWBAMFAwYDCAQIBQgGBAEFAQYBAgMCAQAtAAIBAQAcAAJAAQAVAHoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01257{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":381,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":24,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646482845216543,"flow_src_last_pkt_time":1646482845241664,"flow_dst_last_pkt_time":1646482845236185,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482845241664,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"108.139.210.102","src_port":57014,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Bloomberg","proto_id":"91.246","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud","hostname":"sourcepointcmp.bloomberg.com","domainame":"sourcepointcmp.bloomberg.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02478{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":382,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":24,"flow_packet_id":4,"flow_src_last_pkt_time":1646482845241664,"flow_dst_last_pkt_time":1646482845260491,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1494,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1494,"pkt_l4_len":1460,"thread_ts_usec":1646482845260491,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXIMSkAAPgGiuxsi9JmwKgBgAG73rYdOl\/92LQ9tYAQAQVWSwAAAQEICh59DOO3z7DjFgMDAHoCAAB2AwMl00JNBhjoDTpue8OJUtDI7gWrENRehivML0uiJZw+aCCdB7Y010YsAP9WvlmHthVAcmE9qTBtm04O9SpF9+K9ixMBAAAuACsAAgMEADMAJAAdACA6ANhx1SULZ5qicHmcZpgOcKzyDJFZ4gyvotfcMC7xUxQDAwABARcDAwAkmehBQSsokWn1+0xD1Ekz\/emWUgmYCHXTpXumKfkkeAhEZPb1FwMDDdQsVccoMVo+96JdzPbhNPdALkbarmAR5a29lK0\/NdmKqcwPR+V1gffSxJKNaqhaiikQk1bK7YYDLKeNYrQ2fYtgQhJ1kLS7Q\/BwFAtLwkQZm3pSfglioGxnCtPRUl8OedqJS1IHYsXjUVUnZNbiUW4XiIPcFw8z9jgypB9ajSZRPFvDsCesm5Mok8748tu2PljORa+fVT0PBZVIIVOIZssACXOZHB9ialf6dAx\/dx3mnn9ZvFrrUV936EU2e7njSQ74xl6JgM7UfntfwrniAxgxW+NSqSBWGRf0Vje6YkWYW2G5Yc\/WNwhE1sfvVaBo4S8lFZTACgG+cvXDc\/c4SuK9ClLp\/bgTLtQ\/84s6saAL6CIyRtNJOfQapfqQ52tBEw9WWRQRx+GVxe\/qFZ7Q6\/RY\/jAOIX9Vu77gloPqU5l9m9GtURRXaaIgOWf6CnARAJ\/lrIz9A7+X+BK1JT5vxW+o262KGPCK\/e51NeZPqvd6+ZAb2KB94B3Lw6vfzGlWJjXf93hk6CFqaYqDSJ9wdq8l3DiC83OgRXvtu6v8hs7Nyhp0\/Dhsz0M4sjiH64sLXf7NUSvFzBsPr8Zwmc3l84oRo5Oz8ZykhchBCEXuGm0NUSniu5qly88yhPgXv3DH5BIbUJ5YY1LY86QRRmreSSxLMMYCdQDwtA25NnbEgqBn6eugtUhVOhe35f8mL9+IH7HeIHovRyF+FAhrnRf2x3vAI6IV2N5D+TngPrbltBGlfU74buGa2\/UTdnAwm3kXNkF75teSUXRR3W0Ae+7Vde7scMX1UXXs7Myuv8g9WsMdHhRzgWukNecHwfZKuZRSQjzLYV4S50tDsvrdwBaFlfgJoVXRTlkYGJauaMaseVVSmMrFLnDvY5Q3qlTOmiyt4PXiVhbVzIR5\/yjVRJEuxMqMIvKMCASwC9ejgMzwYWEVJ9COaaqFwo73yLZzoRXG7bb4Jvx+yLz2TiUdEJkDx7Tz4JrMuTX\/iYeBcMePikQhsOo3ecgAAEtWhklIiWyV5IZsWx+pDVKLvyIkaHh4surWWPL0\/gDbsafXtWKQGo5yUc4VU7rABE8\/RZ\/EyilMuaY+GUtcEI09RyqJj8utYvyIOaOl+qwkJf1uQ\/HlzJGrHLYJYbm52c5E4W8sphVASbEoo5wBc80ipoOk5oRHUKatThn2v0kGZRwO9d0edN0LHVskXzDOAg9cshMRuy0wXIAEyNTlWnDY8+qbUyKyJbnST1OcV4jVO342qF5Qt31fM0ZWlp2TKesvoZNeH+6muAu4P+Pvu+y1yPdzbolbedSPSORYPSOvByajv5MZPAxsDis4mNRcaJiQ0zQG7+37qZ5Y4SYLWRGGN6nfvoEBfHcwjtLTwludHgGykbRE8Os78V1m7rs6OTc0zfR+BVxlbiThNAg6I0wNJdLl7ZerAQlHURWSgkIR0ZS2jDVHkBye0buCzGJ28kUKq3ocUk1VGT813+Lxn3OXqK5v34Y6GJVShc3Pc+CWnBbtICjaYSvoklRiXx+o+PtsG1\/DuoitHuvHYrXBhlc9SM0VoERTyCuuR8v7kZkS+V3H34LXnYnPeR56LoSgM6ItoHUrI67gt8eWgArjEaLeDSA65qb9ZZTPHVGM1FsXERms\/AxnooVxQJxS+QN5jS1zbPGaInFY1oaU"}
01302{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":382,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":24,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482845216543,"flow_src_last_pkt_time":1646482845241664,"flow_dst_last_pkt_time":1646482845260491,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1428,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1428,"midstream":0,"thread_ts_usec":1646482845260491,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"108.139.210.102","src_port":57014,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Bloomberg","proto_id":"91.246","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud","hostname":"sourcepointcmp.bloomberg.com","domainame":"sourcepointcmp.bloomberg.com","tls": {"version":"TLSv1.3","ja3s":"f4febc55ea12b31ae17cfb7e614afda8","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":384,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":25,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482860064890,"flow_src_last_pkt_time":1646482860064890,"flow_dst_last_pkt_time":1646482860064890,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482860064890,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.107.42.14","src_port":48654,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":384,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":25,"flow_packet_id":1,"flow_src_last_pkt_time":1646482860064890,"flow_dst_last_pkt_time":1646482860064890,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482860064890,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8zthAAEAGckLAqAGADWsqDr4OAbv2xGogAAAAAKAC+vA6VgAAAgQFtAQCCArF2TKPAAAAAAEDAwc="}
00546{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":385,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":25,"flow_packet_id":2,"flow_src_last_pkt_time":1646482860064890,"flow_dst_last_pkt_time":1646482860089011,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1646482860089011,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA0KdNAAHUG4k8NayoOwKgBgAG7vg7o0cSg9sRqIYAS\/\/+nUAAAAgQFoAEDAwgBAQQC"}
01226{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":386,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":25,"flow_packet_id":3,"flow_src_last_pkt_time":1646482860092199,"flow_dst_last_pkt_time":1646482860089011,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":571,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":571,"pkt_l4_len":537,"thread_ts_usec":1646482860092199,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAItztpAAEAGcE\/AqAGADWsqDr4OAbv2xGoh6NHEoVAYAfY2twAAFgMBAgABAAH8AwN91wMalwKbnp34VhS8QvEFPozBOcSHhaFoSNBfPba3AiDXrrHLYmT\/nToyiJxYmouQzlobVBifJMUtdUWk4ZdOUAAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAAVABMAABB3d3cubGlua2VkaW4uY29tABcAAP8BAAEAAAoADgAMAB0AFwAYABkBAAEBAAsAAgEAACMAAAAQAA4ADAJoMghodHRwLzEuMQAFAAUBAAAAAAAiAAoACAQDBQMGAwIDADMAawBpAB0AIOvcUoPBHSJ9xxKLt05ZOdwqxB4X188WUTuTKbETRNVIABcAQQSw33BhIovc8GgXm9sGLVvnRexF7f826PClnfuvUvruR3Sq4irZ9toHOp2agzdKIN0AwGPF8iqx1fv+O3\/0IjBNACsABQQDBAMDAA0AGAAWBAMFAwYDCAQIBQgGBAEFAQYBAgMCAQAtAAIBAQAcAAJAAQAVAIYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01225{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":386,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":25,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646482860064890,"flow_src_last_pkt_time":1646482860092199,"flow_dst_last_pkt_time":1646482860089011,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482860092199,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.107.42.14","src_port":48654,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.LinkedIn","proto_id":"91.233","proto_by_ip":"Azure","proto_by_ip_id":276,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"www.linkedin.com","domainame":"www.linkedin.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02490{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":387,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":25,"flow_packet_id":4,"flow_src_last_pkt_time":1646482860092199,"flow_dst_last_pkt_time":1646482860115739,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646482860115739,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcKdVAAHYG26UNayoOwKgBgAG7vg7o0cSh9sRsJlAQCAOTsQAAFgMDEXYCAABiAwNiI1WsTmofcs6rZ4ZlM+z1u2dhEj0OTh7AHYb4D6lYUyBlLwAAM\/J2abAgSFkNJvT\/lV9leUYHgs9icNHB3u34vMAwAAAaAAUAAAAjAAAAEAAFAAMCaDIAFwAA\/wEAAQALAA28AA25AAjHMIIIwzCCB6ugAwIBAgIQC+Uto1c8pocuRBbJmCjD9TANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjIwMzAxMDAwMDAwWhcNMjIwOTAxMjM1OTU5WjBwMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTESMBAGA1UEBxMJU3Vubnl2YWxlMR0wGwYDVQQKExRMaW5rZWRJbiBDb3Jwb3JhdGlvbjEZMBcGA1UEAxMQd3d3LmxpbmtlZGluLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK9Z00hEjLEoN2ZIvx7gbEWJCUwcxKxtSBmhjubbOLDX\/wWTVZgPdi5x4kWjwmankMEb8mjtK91Y7VBg8zYmU\/AYA26XNoudlHmDk\/8jwvgsHurqgJV7ltkjddOqUy0IKTCvFaSfS0fCsuw1hkA4YzTbor9ayAQGv0uYEjoddNjAVKl6PEF6lEHLrEiB5BXZd8HmWKFCHPtW5ZKkOFTvYrBP+1f7visBFj48gMVw52WSpIAEcJqyLK25uWMNepgz1Gqr2G+PQH8D7eqU5pmiIckmQb5Ti9ttF6ASPtM6KgXMUXV3BJQHDBPWHt\/RhFpwTLCCe9rhRtNNdmPCiYRl8F0CAwEAAaOCBXowggV2MB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBTS+JTUOJ2cy8vTZ1B2ndG6vhLyGTCCAiUGA1UdEQSCAhwwggIYghB3d3cubGlua2VkaW4uY29tggxsaW5rZWRpbi5jb22CFnJ1bTUucGVyZi5saW5rZWRpbi5jb22CFWV4cDQud3d3LmxpbmtlZGluLmNvbYIVZXhwMy53d3cubGlua2VkaW4uY29tghVleHAyLnd3dy5saW5rZWRpbi5jb22CFWV4cDEud3d3LmxpbmtlZGluLmNvbYIWcnVtMi5wZXJmLmxpbmtlZGluLmNvbYIWcnVtNC5wZXJmLmxpbmtlZGluLmNvbYIWcnVtNi5wZXJmLmxpbmtlZGluLmNvbYIXcnVtMTcucGVyZi5saW5rZWRpbi5jb22CFnJ1bTgucGVyZi5saW5rZWRpbi5jb22CFnJ1bTkucGVyZi5saW5rZWRpbi5jb22CFWFmZC5wZXJmLmxpbmtlZGluLmNvbYIXcnVtMTQucGVyZi5saW5rZWRpbi5jb22CF3J1bTE4LnBlcmYubGlua2VkaW4uY29tghdydW0xOS5wZXJmLmxpbmtlZGluLmNvbYIVZXhwNS53d3cubGlua2VkaW4uY29tghlyZWFsdGltZS53d3cubGlua2VkaW4uY29tghNweC5hZHMubGlua2VkaW4uY29tghRweDQuYWRzLmxpbmtlZGluLmNvbYITZGMuYWRzLmxpbmtlZGluLmNvbYIHbG5rZC5pboIUcHguam9icy5saW5rZWRpbi5jb20wDgYDVR0PAQH\/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaWNlcnRTSEEyU2VjdXJlU2VydmVyQ0EtMS5jcmwwP6A9oDuGOWh0dHA6Ly9jcmw0LmRpZ2ljZXI="}
02504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":388,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":25,"flow_packet_id":5,"flow_src_last_pkt_time":1646482860092199,"flow_dst_last_pkt_time":1646482860115780,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646482860115780,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcKdZAAHYG26QNayoOwKgBgAG7vg7o0cpV9sRsJlAQCANyfgAAdC5jb20vRGlnaWNlcnRTSEEyU2VjdXJlU2VydmVyQ0EtMS5jcmwwPgYDVR0gBDcwNTAzBgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMH4GCCsGAQUFBwEBBHIwcDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEgGCCsGAQUFBzAChjxodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyU2VjdXJlU2VydmVyQ0EtMi5jcnQwCQYDVR0TBAIwADCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHcAKXm+8J45OSHwVnOfY6V35b5XfZxgCvj5TV0mXCVdx4QAAAF\/RrUkkQAABAMASDBGAiEA+FtG2xqOeknb5qzzR\/2o\/CMHUoHXpbB1F1QDWyi0Xd8CIQCjJnlF37XWsl4u91K3f0Rnf1VYnCAovaJgsk9Qa+M7LwB1AEHIyrHfIkZKEMahOglCh15OMYsbA+vrS8do8JBilgb2AAABf0a1JMIAAAQDAEYwRAIgRG\/7ZB++axDAT5iB0bRQY0hd1mU2pRFSDCwIH3fY1LgCIDKIYU8v7DdnD4IRMHofw+krh1hw5ap6xw2wpYERIS5dAHcA36Veq2iCTx9sre64X04+WurNohKkal6OOxLAIERcKnMAAAF\/RrUk1wAABAMASDBGAiEAj8oQdnEteoNcAfzVyoIT4dQ6QxpZDmTGrUmY88GmgsACIQDYIkjaVgr7+tK\/mz5U79LBLgDLezP58MMbT6WOjvqhKTANBgkqhkiG9w0BAQsFAAOCAQEAqAhlEkLFRsSjnBvf41roZI6E9zIWCA1frIw\/OjQB42j+5wk\/P87qOpF2ld6R3\/QLm8z2ntkMRaDoQwpmL2LDkNMku+fN\/h1+0RX3svEesC67fPqY0TvIbea5SQ8cDqt3r7G2vlOEZD1V7JWAn+FtyyPDZgt5wfEg\/V4kz\/91SKyA\/WJLIkSChoTKxe3xRAKGifslHkZUFWVam\/ArpwFOSHQEmOhieKeYNhnjiS0r3JJSl\/\/zQXrk5f9NhyHQnjTltaMBqM0VkMH4xmlR0PAJPsD2DX+InL9R8ppWnzUUeQJKtCT55kJoVrE8\/QXtq1TBdvLA51syBf\/sCoM5ABnZ2AAE7DCCBOgwggPQoAMCAQICEAJ0LqoXyo4hxxe7H\/z9DKAwDQYJKoZIhvcNAQELBQAwYTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEgMB4GA1UEAxMXRGlnaUNlcnQgR2xvYmFsIFJvb3QgQ0EwHhcNMjAwOTIzMDAwMDAwWhcNMzAwOTIyMjM1OTU5WjBNMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcrliQTcHEMBWQNVtuPIIV9SxcvePb\/3FD+mQlgNTuGKJN8GbQCnNuEZg2F2SvN539+kGEr8evjP4ac03PM5eQopaHU4MruaZ1SC0dVjd72jEyGtesqwb0ql1Lt0dG3SqTw5AueYCA7xMEahQ7tZuSvsIHZU782vz\/eq7cXH5VMQzoOQek174v0wtq0rHfX\/5XdFM7NYDdro5EmLOfDtPa4Nf0aymrRKdLWIRtkkuBw9pzixKXSJAERXUa3Tcxl5LozVQNO+TBPzleLrjzXH4QjoZBAI1FZkewoWXOoKopCU7zl+voLqsPcqcwDvrH9P0Ud8OkWyhXwrP5gv23RVibAgMBAAGjggE="}
02074{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":390,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":25,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":5,"flow_first_seen":1646482860064890,"flow_src_last_pkt_time":1646482860092199,"flow_dst_last_pkt_time":1646482860115809,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":4475,"midstream":0,"thread_ts_usec":1646482860115809,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.107.42.14","src_port":48654,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.LinkedIn","proto_id":"91.233","proto_by_ip":"Azure","proto_by_ip_id":276,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"www.linkedin.com","domainame":"www.linkedin.com","tls": {"version":"TLSv1.2","server_names":"www.linkedin.com,linkedin.com,rum5.perf.linkedin.com,exp4.www.linkedin.com,exp3.www.linkedin.com,exp2.www.linkedin.com,exp1.www.linkedin.com,rum2.perf.linkedin.com,rum4.perf.linkedin.com,rum6.perf.linkedin.com,rum17.perf.linkedin.com,rum8.perf.linkedin.com,rum9.perf.linkedin.com,afd.perf.linkedin.com,rum14.perf.linkedin.com,rum18.perf.linkedin.com,rum19.perf.linkedin.com,exp5.www.linkedin.com,realtime.www.linkedin.com,px.ads.linkedin.com,px4.ads.linkedin.com,dc.ads.linkedin.com,lnkd.in,px.jobs.linkedin.com","ja3s":"a66ea560599a2f5c89eec8c3a0d69cee","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","issuerDN":"C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA","subjectDN":"C=US, ST=California, L=Sunnyvale, O=LinkedIn Corporation, CN=www.linkedin.com","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"TLSv1.3,TLSv1.2","fingerprint":"CE:D8:A5:BE:BD:4B:EF:E9:22:C8:0D:55:A6:7A:A6:4A:B8:03:4A:53","blocks":0}}}
00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":393,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482866432813,"flow_src_last_pkt_time":1646482866432813,"flow_dst_last_pkt_time":1646482866432813,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482866432813,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"104.23.98.190","src_port":39934,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":393,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":26,"flow_packet_id":1,"flow_src_last_pkt_time":1646482866432813,"flow_dst_last_pkt_time":1646482866432813,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482866432813,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8sBtAAEAG\/aLAqAGAaBdivpv+AbuQtJSoAAAAAKAC+vAG0QAAAgQFtAQCCAoY1d1UAAAAAAEDAwc="}
00547{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":394,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":26,"flow_packet_id":2,"flow_src_last_pkt_time":1646482866432813,"flow_dst_last_pkt_time":1646482866449895,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1646482866449895,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA0AABAADkGtMZoF2K+wKgBgAG7m\/4hqZihkLSUqYAS\/\/9k2gAAAgQFeAEBBAIBAwMK"}
01228{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":395,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":26,"flow_packet_id":3,"flow_src_last_pkt_time":1646482866451722,"flow_dst_last_pkt_time":1646482866449895,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":571,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":571,"pkt_l4_len":537,"thread_ts_usec":1646482866451722,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAItsB1AAEAG+6\/AqAGAaBdivpv+AbuQtJSpIamYolAYAfYUJQAAFgMBAgABAAH8AwOkCw2THMGhALk0\/S0UPYY9Fiy1MMas0dLFjf2ObmEV3iD+CRapxYYnJ+AUET5SjxVSaJRJeT\/rvI5T4N1r2TpPLQAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAARAA8AAAxwYXN0ZWJpbi5jb20AFwAA\/wEAAQAACgAOAAwAHQAXABgAGQEAAQEACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAACIACgAIBAMFAwYDAgMAMwBrAGkAHQAg+1dFx2JbQxGMLbjHxdWGfdupB63kQdiHTmuNhsrVgTQAFwBBBKdDPqMFSChZhRpkv1Y2JjoX2aNL5O59XM1C0oY6ZFf1Ifckam\/eVu5cuFoipFrAsWBrxGiWt6uHvmWbTHpfZoYAKwAFBAMEAwMADQAYABYEAwUDBgMIBAgFCAYEAQUBBgECAwIBAC0AAgEBABwAAkABABUAigAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01355{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":395,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646482866432813,"flow_src_last_pkt_time":1646482866451722,"flow_dst_last_pkt_time":1646482866449895,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482866451722,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"104.23.98.190","src_port":39934,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"TLS.Pastebin","proto_id":"91.232","proto_by_ip":"Cloudflare","proto_by_ip_id":220,"encrypted":1,"breed":"Potentially Dangerous","category_id":7,"category":"Download","hostname":"pastebin.com","domainame":"pastebin.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":396,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":26,"flow_packet_id":4,"flow_src_last_pkt_time":1646482866451722,"flow_dst_last_pkt_time":1646482866473555,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646482866473555,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXc5p5AADkGyH9oF2K+wKgBgAG7m\/4hqZiikLSWrlAQAEOqmgAAFgMDAHoCAAB2AwP3Tq5B8YNEMfsXlrFMX+cJAFyFVvc0vfL0PA2JGf+P9yD+CRapxYYnJ+AUET5SjxVSaJRJeT\/rvI5T4N1r2TpPLRMBAAAuADMAJAAdACC8SQ+nuWrZ7m3OjQeSS1gBey1dX5dviwGQo25iSW1\/NwArAAIDBBQDAwABARcDAwrUWcozSi8H7mX6VFJzUeu67AZTvXqUqieEsv\/SCDJRG04D+K\/85tjRqQc8IaCdG\/Ma1aXupXOao7EKs5dxBr3PHgCnoZWlYvp\/vFnFY01UAzahy\/2Ln9B1zUwtz3uzYWpPoGwuBDYDyCpp5YCc+VRCAnimPndtFHu3f4cf34kw2R5ghDuHJM7XgI73uA+QhtA7Lm4qDNd8IQfVR8ibSoojBbJrGjlrMQnTX7bHfa69gUL02NPLTCS33EoTLoykHGbhIz2\/YuL\/j1ygs48g5VI0e5UDSy44uHoYuG8a3Pxy\/Jsd6q0AsLyEhl4DDnMqq1vIVyMY7ikBvPWLXXY3uSTsmsc4VjT\/ZmG6OPEqE0L2tN3PEBzr2VhcEtTrd+9r\/eF7EZBgkbAQV2wfYSuhYdYJ1oEdnnGOhWfgLD2yuADzfTagVwZlvJlNYpeHylpdEoKNNmjalqi4UfF2uWlffHXAfu4Hg+LiYV7z7T4NsVUwbLjKuix8i4aqtmFBzlkkxa0BSHy2wbR+5xuovlePUkmo3dHB7v4hPHoULqISNEaXo8kyfzpdupdn5Lv0ECyEWOBvSP+FrJnILjG2c7ZdDIbZrnZzaIcQnuZsXq2XAY9V16zDi0O967QfiocL4\/N2fl3JfJoW3Kl1GkdRvgzmcIfydx+6gdTa0LgIFCL6FL+bNJ18LHt0BrvqQgh4o8hN68WCW85ancsvwsi3SQaj73TgMDWzBHPKxab2gJ3ISuOMtj1AwlI0ph6HRkfMUBrkAbKTBjJx+Yn3AxV7ED\/zIalxlIZjJn0hkfwv05YT5n3a0Qv28ydooU720u9U2G9I6wCY67M7ARbDxKZytUKyQ8LT\/WaUL8TiCQh9lnFD2DHfdAt266xCi1GOOhbGF5vPruMEhnAAM0Uq1x0ZdnLJqIvynwlgt6RyiGkmPYiTKgDaH05xZRnfZiamnJAn7KXYk7br6cRTUFbAPztRA3ZggnVdtIdpBqWOyqMf3A1crx4HkTR\/UI9sFZ09yKQ\/QZF2LtfHl23BzZPfneVeYdREYFnXmizM+4DmNZ7KIYB5x3V9jmRVL6n7f7jLIDawk4AJ0ANKucfylh3+WFoT9Kj7u3KHHuOuudNj0GUHHpNdQbO8FVrLWrkCjI1bL5AD6p8qSealSyklawCJLA9TSqkLN1bwtaqBj4giDwqlsZmyirSvKRJI\/TYL1x\/PFoac3isoZTlC+gcPS2BJWh2Q2kmrNblWxEd2q9+VbpXYIZhojih27WiiQEUaEEDpIuCI3CAKoZVfm2eUhht+WesN2uXf6AmFYNY6qz5BsEegkUjA0nAMd2LkVqZT5EL5TeGnQebZPTMbJppUlgKujUUbvTp7+J5b9Vm9YIGm92F7jLbl\/gt7N7c\/bF9qY7foS7+KmHx+SdvDqqa2Iv0eyriBMb7Rc++W8dLN1uJEhewsCqzdBVNLul2FJ1KTTGwvB6myPxhZYKncYHrgsla0DBbWlOKIJRBF+QERnyOWzD6TLU+1NfJEvuAb6tRw6VRK8QQ9JwM3+4V6xP0\/gCSbij1Fwj32gHkrzZBB7wEtaF7ErRpPrRaGDkQnvOjDASk8a9uZMAIGEoCEJq8bQMDOn9AMdwa9iiLTTMio6zoUV6UM8Z6G5rErYguciEZ0nXJU8DVNLjvmWetbvJ4du9iFbxoCn0hdFwRGwad\/Gw7TZ2+6BIoboa8w2wHxGhHuPNLY7f6lh7KOTtdTzgXYyQuzLhAhKS+bFK46mJx9AGX\/7fRY2OA="}
01400{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":396,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482866432813,"flow_src_last_pkt_time":1646482866451722,"flow_dst_last_pkt_time":1646482866473555,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1460,"midstream":0,"thread_ts_usec":1646482866473555,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"104.23.98.190","src_port":39934,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"TLS.Pastebin","proto_id":"91.232","proto_by_ip":"Cloudflare","proto_by_ip_id":220,"encrypted":1,"breed":"Potentially Dangerous","category_id":7,"category":"Download","hostname":"pastebin.com","domainame":"pastebin.com","tls": {"version":"TLSv1.3","ja3s":"eb1d94daa7e0344597e756a1fb6e7054","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00775{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482879566800,"flow_src_last_pkt_time":1646482879566800,"flow_dst_last_pkt_time":1646482879566800,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482879566800,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"23.1.68.189","src_port":57336,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":27,"flow_packet_id":1,"flow_src_last_pkt_time":1646482879566800,"flow_dst_last_pkt_time":1646482879566800,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482879566800,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8ZJ5AAEAGuDfAqAGAFwFEvd\/4Abu+RY+DAAAAAKAC+vCgEQAAAgQFtAQCCAqibL0tAAAAAAEDAwc="}
00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":398,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":27,"flow_packet_id":2,"flow_src_last_pkt_time":1646482879566800,"flow_dst_last_pkt_time":1646482879585905,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482879585905,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8AABAADkGI9YXAUS9wKgBgAG73\/iES9VYvkWPhKAS\/ojG\/QAAAgQFtAQCCApEcjdUomy9LQEDAwc="}
01245{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":399,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":27,"flow_packet_id":3,"flow_src_last_pkt_time":1646482879590126,"flow_dst_last_pkt_time":1646482879585905,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1646482879590126,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI5ZKBAAEAGtjjAqAGAFwFEvd\/4Abu+RY+EhEvVWYAYAfb4UwAAAQEICqJsvUREcjdUFgMBAgABAAH8AwPTmj1yotJrCU5Axy8WSqX4RbWM\/SINHTcC+qIJwwqdWyAtxwR2GOpVXqzss+L4QuffJNllYoSRruXn4YOMT1n2UQAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAAYABYAABN3d3cucGxheXN0YXRpb24uY29tABcAAP8BAAEAAAoADgAMAB0AFwAYABkBAAEBAAsAAgEAACMAAAAQAA4ADAJoMghodHRwLzEuMQAFAAUBAAAAAAAiAAoACAQDBQMGAwIDADMAawBpAB0AIO+m+y4kE\/Ul0wRfLnWkNqXDSHnFmA3tI1g\/5Tv\/EZwCABcAQQQh+3EFl7VEJWAHnTsK42aVbCexqYTb9DwqjdAN6Pu9IMJwjvRFdXg\/Y6aZYu3btbo89OdSMmSsifn4YkrISGSJACsABQQDBAMDAA0AGAAWBAMFAwYDCAQIBQgGBAEFAQYBAgMCAQAtAAIBAQAcAAJAAQAVAIMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01224{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":399,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646482879566800,"flow_src_last_pkt_time":1646482879590126,"flow_dst_last_pkt_time":1646482879585905,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482879590126,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"23.1.68.189","src_port":57336,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Playstation","proto_id":"91.231","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game","hostname":"www.playstation.com","domainame":"www.playstation.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02493{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":400,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":27,"flow_packet_id":4,"flow_src_last_pkt_time":1646482879590126,"flow_dst_last_pkt_time":1646482879608912,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646482879608912,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcuGRAADkGZdEXAUS9wKgBgAG73\/iES9VZvkWRiYAQAfqCIgAAAQEICkRyN2yibL1EFgMDAE4CAABKAwOBBacTcxLQcpf\/xOGxRR2CePwULm5vU9EXzObSIHQCawDALwAAIv8BAAEAAAAAAAALAAQDAAECACMAAAAFAAAAEAAFAAMCaDIWAwMLgAsAC3wAC3kABtswggbXMIIFv6ADAgECAhAPQ7qsH8llHaxnrRr1FzWXMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIgU2VjdXJlIFNlcnZlciBDQTAeFw0yMTExMTkwMDAwMDBaFw0yMjExMTgyMzU5NTlaMIGBMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTESMBAGA1UEBxMJU2FuIE1hdGVvMSswKQYDVQQKEyJTT05ZIElOVEVSQUNUSVZFIEVOVEVSVEFJTk1FTlQgTExDMRwwGgYDVQQDExN3d3cucGxheXN0YXRpb24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3Qgt4P9Y224g0zoPtHTQ62jOmkBDHAJt9oe2ENfUBlMYZiYOdvuj2oWA0hWM\/1u2BCu36V67lS4b99HLRCikrHVgUNxkudO8rkdL4tH3t3WAQRMskVgepd2HaZYil3INmaLa6f1JMFYIa68G4gbbt8fKYh1+Di2herOlebADQ7GSx2oRUf8lmfZDdNvX8NLVcQNNtiGFDQx9PawZErjW11tozNDi9Hu43AfqEjTn5Cy7jcNbRSV\/vWHhX677Er6den3rznV6K6msbmWNeoygSfN+QtGW4zaFzWy6AymB9ZWyjAZKxZIPykYuNIT8iMwCrVJVtekRIgiSWVoBxqHSQIDAQABo4IDfDCCA3gwHwYDVR0jBBgwFoAUD4BhHIIxYdUvKOeNRji0LOHG2eIwHQYDVR0OBBYEFABNUfVgXrmPa\/rV+1oGI\/9o5f0PMEkGA1UdEQRCMECCD3BsYXlzdGF0aW9uLmNvbYIYd2ViZm9ybXMucGxheXN0YXRpb24uY29tghN3d3cucGxheXN0YXRpb24uY29tMA4GA1UdDwEB\/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwbwYDVR0fBGgwZjAxoC+gLYYraHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi0xLmNybDAxoC+gLYYraHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NzY2Etc2hhMi1nNi0xLmNybDA+BgNVHSAENzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwfAYIKwYBBQUHAQEEcDBuMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRgYIKwYBBQUHMAKGOmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJTZWN1cmVTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH\/BAIwADCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHUARqVV63X6kSAwtaKJafTzfREsQXS+\/Um4havy\/HD+bUcAAAF9NYkWGAAABAMARjBEAiBw4adKSoTaEg1DG55p72lSiGR59iIJtfIV11QzYcKSNQIgYgMdbbAZDTRsdEJJx3wKfM4qIJgNRlkkzStk2fCy0fQAdgBRo7D1\/QF5nFZtuDd4jwykeswbJ8v3nohCmg3+1IsF5QAAAX01iRZPAAAEAwBHMEUCIGH9aujoguOS89DfmthBnuGimJ20LoIiOLkOixddzmM+AiEA8SGoDfP+SexGTJcaM5VPyxRoJmO+qb0="}
01307{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":400,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482879566800,"flow_src_last_pkt_time":1646482879590126,"flow_dst_last_pkt_time":1646482879608912,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1646482879608912,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"23.1.68.189","src_port":57336,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Playstation","proto_id":"91.231","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game","hostname":"www.playstation.com","domainame":"www.playstation.com","tls": {"version":"TLSv1.2","ja3s":"19e4a55cecd087d9ebf88da03db13a0f","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":401,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":27,"flow_packet_id":5,"flow_src_last_pkt_time":1646482879590126,"flow_dst_last_pkt_time":1646482879608943,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646482879608943,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcuGVAADkGZdAXAUS9wKgBgAG73\/iES9sBvkWRiYAYAfpUtgAAAQEICkRyN2yibL1EFHEbMrNgcVqrAHYAQcjKsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF9NYkVygAABAMARzBFAiAdEk5JcTg8\/7GZwox4xrDJHor+3\/hk3iSBi12D9ueQhgIhANG8suAsXaZSFftsGvqVxcd1ECVM96JTmkQn+zmro7bDMA0GCSqGSIb3DQEBCwUAA4IBAQBh8+lX4cGkwrI0xajnGJa5hjhshafy1dyi\/OK4pBstrak8J6018kBebB7pfBJGDtjbyBZX8BLbBKhJz\/Nx0vUlLATCADCv66zTYDxI2g4AQQxmfIxPzWJn17x61253yb1u9bwdDmdYnm20ReQGI1Jp7iuMIm8SAwduBJdQX5t2CQTHqZPFZE2yYFlqsLZxrGlahLhssMIqGyXODC0TdYPmmK0vAagsTIFv\/2puBbc\/Ev+ZY94tP4yxJB8wirxNYgWiTpS7RaLXNUqd5rbSxdA+6k4w\/QGU5huraHGEt9GCs9MGoO2Sko2KouqwpMrBl9+pRLpf3jl7H+LH01LaIGV5AASYMIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIgU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyuWJBNwcQwFZA1W248ghX1LFy949v\/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83nf36QYSvx6+M\/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bdKpPDkC55gIDvEwRqFDu1m5K+wgdlTvza\/P96rtxcflUxDOg5B6TXvi\/TC2rSsd9f\/ld0Uzs1gN2ujkSYs58O09rg1\/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGXkujNVA075ME\/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0\/RR3w6RbKFfCs\/mC\/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB\/wQIMAYBAf8CAQAwDgYDVR0PAQH\/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzhxtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEBCwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq\/sELfeNqzqPlt\/yGFUzZgTHbO7Djc1lGA8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEA="}
01639{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":402,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":4,"flow_first_seen":1646482879566800,"flow_src_last_pkt_time":1646482879590126,"flow_dst_last_pkt_time":1646482879608957,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":3863,"midstream":0,"thread_ts_usec":1646482879608957,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"23.1.68.189","src_port":57336,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Playstation","proto_id":"91.231","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game","hostname":"www.playstation.com","domainame":"www.playstation.com","tls": {"version":"TLSv1.2","server_names":"playstation.com,webforms.playstation.com,www.playstation.com","ja3s":"19e4a55cecd087d9ebf88da03db13a0f","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","issuerDN":"C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA","subjectDN":"C=US, ST=California, L=San Mateo, O=SONY INTERACTIVE ENTERTAINMENT LLC, CN=www.playstation.com","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"TLSv1.3,TLSv1.2","fingerprint":"19:BC:48:84:B7:B0:91:46:45:D5:DD:3B:B5:8D:8E:45:E8:42:1A:8A","blocks":0}}}
00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":405,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482879964649,"flow_src_last_pkt_time":1646482879964649,"flow_dst_last_pkt_time":1646482879964649,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482879964649,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"23.51.246.65","src_port":46264,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":405,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":28,"flow_packet_id":1,"flow_src_last_pkt_time":1646482879964649,"flow_dst_last_pkt_time":1646482879964649,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482879964649,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8nmNAAEAGzLvAqAGAFzP2QbS4AbvcfW4jAAAAAKAC+vARXQAAAgQFtAQCCAo1KzXVAAAAAAEDAwc="}
00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":406,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":28,"flow_packet_id":2,"flow_src_last_pkt_time":1646482879964649,"flow_dst_last_pkt_time":1646482879981627,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482879981627,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8AABAADgGcx8XM\/ZBwKgBgAG7tLg0LEpK3H1uJKAS\/oiOFAAAAgQFtAQCCAqG0XpXNSs11QEDAwc="}
01239{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":407,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":28,"flow_packet_id":3,"flow_src_last_pkt_time":1646482879983523,"flow_dst_last_pkt_time":1646482879981627,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1646482879983523,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI5nmVAAEAGyrzAqAGAFzP2QbS4AbvcfW4kNCxKS4AYAfZhPwAAAQEICjUrNeiG0XpXFgMBAgABAAH8AwOVj3yfLLIdpS7ph9cCyv5vCYAGlSzvdrVr1N5tbcI94SDvfvqZxXeUOWdQ166wenjn8HB2CzcmnFG8kG7bSApHKAAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAAbABkAABZzdGF0aWMucGxheXN0YXRpb24uY29tABcAAP8BAAEAAAoADgAMAB0AFwAYABkBAAEBAAsAAgEAACMAAAAQAA4ADAJoMghodHRwLzEuMQAFAAUBAAAAAAAiAAoACAQDBQMGAwIDADMAawBpAB0AID7op1onM6THMaho0vMOrhWIG6UTS6n8xwsrP6D1biscABcAQQR0Q9Knvll2eKORbkRyexBvYc7r+Q69FpqwjjnvO3KMU7d3ZPOw9jaGO1B0c9lo8UIHFSOSayE0o5gPreutfPv3ACsABQQDBAMDAA0AGAAWBAMFAwYDCAQIBQgGBAEFAQYBAgMCAQAtAAIBAQAcAAJAAQAVAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01231{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":407,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646482879964649,"flow_src_last_pkt_time":1646482879983523,"flow_dst_last_pkt_time":1646482879981627,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482879983523,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"23.51.246.65","src_port":46264,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Playstation","proto_id":"91.231","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game","hostname":"static.playstation.com","domainame":"static.playstation.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02511{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":408,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":28,"flow_packet_id":4,"flow_src_last_pkt_time":1646482879983523,"flow_dst_last_pkt_time":1646482879998959,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646482879998959,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcGehAADgGU5cXM\/ZBwKgBgAG7tLg0LEpL3H1wKYAQAfooOgAAAQEICobRemo1KzXoFgMDAHoCAAB2AwMdNiKdQS66TG1dyCOwptjBRt9POx14VVunuYZo7ql18yDvfvqZxXeUOWdQ166wenjn8HB2CzcmnFG8kG7bSApHKBMCAAAuACsAAgMEADMAJAAdACAXC3BnxXibQvXlPvXackVE6qVSM0uTzNS9wtehVYweARQDAwABARcDAwAuL9AYW1FJVOW2DFct7yJrAUSOFYcyR53maDik3s6L0ac\/+QVeexvew\/fM3kcU2hcDAwyBPzkyEyhEOs2cpsRzb56Q\/t1RuVr7dNNfhe6Pbsx6BmeRf00Xwmly1L6c4+FMLrgVmDa33uzJWX8VpfADSu4RnVvSm5Kpl0DoLZbTDVZ419fjRRioYU0kLoXsZqo9oXCLh35NJTARKEJfxuooDVVxrcOLS6QfUNhPFhqBi3rgPlELjpHdcwOv6kI5zWblIn0FKOaRx+edul5eSLPJrRbkKlQ4jFt0Ck0AEVaZYiX38MX+xcaA1n8XHTW3iOKt+1vCPn227UZ6XtwYdwRcJbXGNokr1rRrdNRo5uYAm+dXDAIpF3yIuPQXdhN5ojiwFprQOTsAsI5ez92QKqchMb1S15IPNdrUpw81cD4\/apouU520O9HsWFKAV+PRNLC2n2HZO9oMipSQ68TSDBnEJnUQlaAww6dAp0mphDPNloNW6elzTX6RTCJF0jmxs290U+JHrVByif4mDGvgWI+rWYoaprsCluFl4BJvai47IMcYMluMnEC\/F++q1CYOP3eCqlZLRcEDd4b3UsruiEehsAOSUAfM5Q\/5wQvUfevnbH3NaVqtcGcXsd9s5l\/mKBzlcEwtCcswGDLaQEHMzQfLnCay5caDVfVlVmtZHGa7X321aC88WROxZKXmDX\/vQ9F36+LH5dnKKpajdKJbWIhCb96hTTZFeSWIB6qVvukD4Mmn\/ql7qRBBqiaz92nT+gAdbAzWCmC5ZdbsE9TPNAOstQZm1gTyw4vtNHQhzRfQ+5CzWePQjJeH55NKulgYi93t+WmO\/Xw+nqLHaNTLVjvuFiPTN\/XDyI9enaPq5vi9cnU+92Esp9jVmsK87CoeAU\/hnqM4xtrq3\/s9F\/o0Ej0oLOXrvQJGJjvBX8s+Bwloch8k+G9qMCXqaOVmCA799Qf+MAnXUP7rHQH8ELm5p7p+GsHItR\/GY0iI7Qsk2oo3hxxPs0pfRHz5Wuhta5hUSg5TPSn+0JbFK4u6xfuBF5RFSPCdCVORHRUTa4ZYFnVIuheBC4PiSUp2O\/unoO6RGdIXqHTvPXrruCiYHkDcCPwpzJOrveYQRDcJDrcRik4nFoltpseMp7BD\/xZsgYY6V91gTJ\/6D+G\/91QVUv2Vfsat8xMhXcZs2XmJGMGnIoaAEU1unOdnbZ3gJA1rrsSqLVxT6c2hYt45Hh5VUuv32GdC2suPUROPPEa8vMa4SMnMtdYw+PQuEO4jkicw3rS4Ey8slQisoznZT7vA1Ic0iky+7DOalhCN++7Cco3WhKh35HQsI4DmMCYJCph8O6uU24eZFuH3bkCIlyuzY3+VHZFZIkeL7BCC4dYIkKe3ZOg1YWefN5f02xNOtgNYMMlFLU71s3SUIyDfKuLdTwhQddscQvWAga5bWF0yyq+Vqs4+IKLNTHwC\/Mr+y8YmShr+3eKA3WgxKI6\/wUUK\/yoxaTe54\/RKfMiVNrFleXpdBS7R95axKVhuyZSVrpd\/y0DqWdQDmtiuPN3GyyKs+zmnhamFXHyn\/PBnbm7zbuX1wRJDYRsJ\/0qCNS2YtdRPQAWEW0vkhpa+O\/TU4UaeZg3gE70cq1mLgxqurTLoy3ZMcyVcT3GAirx7NuzqPTCDZBmHGgl86eVUA8kiczF5TGrEsBM7bn+ewxFeluJyf0CEZfnjRgMVfuDjKxY80X+tNZ68XOcc5Y0dNf2\/P5Q9g1LzUBk="}
01276{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":408,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482879964649,"flow_src_last_pkt_time":1646482879983523,"flow_dst_last_pkt_time":1646482879998959,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1646482879998959,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"23.51.246.65","src_port":46264,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Playstation","proto_id":"91.231","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game","hostname":"static.playstation.com","domainame":"static.playstation.com","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":411,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":29,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482896911097,"flow_src_last_pkt_time":1646482896911097,"flow_dst_last_pkt_time":1646482896911097,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482896911097,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"108.138.199.67","src_port":43150,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":411,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":29,"flow_packet_id":1,"flow_src_last_pkt_time":1646482896911097,"flow_dst_last_pkt_time":1646482896911097,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482896911097,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8pPpAAEAGn8vAqAGAbIrHQ6iOAbuXn2EUAAAAAKAC+vCb0AAAAgQFtAQCCApW0sF4AAAAAAEDAwc="}
00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":412,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":29,"flow_packet_id":2,"flow_src_last_pkt_time":1646482896911097,"flow_dst_last_pkt_time":1646482896918912,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482896918912,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8E58AAPcGuiZsisdDwKgBgAG7qI5txRYul59hFaAS\/\/+2KgAAAgQFoAQCCAqPYc1DVtLBeAEDAwg="}
01239{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":413,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":29,"flow_packet_id":3,"flow_src_last_pkt_time":1646482896921314,"flow_dst_last_pkt_time":1646482896918912,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1646482896921314,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI5pPxAAEAGnczAqAGAbIrHQ6iOAbuXn2EVbcUWL4AYAfaXogAAAQEIClbSwYKPYc1DFgMBAgABAAH8AwNMrbkme+2pG6WKGaUcTfCs10ic95it0jPiimTr5KWaaiCmUwwyrZpDXgONpktntKRQJ28LAppHGUwuuBwH65AqlAAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAAPAA0AAApkZWV6ZXIuY29tABcAAP8BAAEAAAoADgAMAB0AFwAYABkBAAEBAAsAAgEAACMAAAAQAA4ADAJoMghodHRwLzEuMQAFAAUBAAAAAAAiAAoACAQDBQMGAwIDADMAawBpAB0AIAS3iFI+Lml2aqbJ99HMOh2pxKpjuORM+VA6AJN2jS5cABcAQQS2OgHZ7hQeCCurKRe6Z6o4CXtv3DRVG4xO7HV8XVI+fMr+wQD4VFXUBMvHu9XDFEguxQ+LZymMWbInoPBoAAbBACsABQQDBAMDAA0AGAAWBAMFAwYDCAQIBQgGBAEFAQYBAgMCAQAtAAIBAQAcAAJAAQAVAIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01210{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":413,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":29,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646482896911097,"flow_src_last_pkt_time":1646482896921314,"flow_dst_last_pkt_time":1646482896918912,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482896921314,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"108.138.199.67","src_port":43150,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Deezer","proto_id":"91.210","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":25,"category":"Music","hostname":"deezer.com","domainame":"deezer.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02483{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":414,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":29,"flow_packet_id":4,"flow_src_last_pkt_time":1646482896921314,"flow_dst_last_pkt_time":1646482896928135,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1494,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1494,"pkt_l4_len":1460,"thread_ts_usec":1646482896928135,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXIE6EAAPcGtJhsisdDwKgBgAG7qI5txRYvl59jGoAQAQXBQwAAAQEICo9hzU5W0sGCFgMDAHoCAAB2AwOS1XRiQhtHbsWk7IKMotNVJhoQERPfN6Zn9M8Pa\/9DzyCmUwwyrZpDXgONpktntKRQJ28LAppHGUwuuBwH65AqlBMBAAAuACsAAgMEADMAJAAdACC5e9xEfCV5fqDbMwqybkRNE38lDRLma9iWS1wPjNaVVBQDAwABARcDAwAk0F2uVi6cSugSVE5OnZzVG+pqX6vJqyLz11UQdWeMUASCS55bFwMDGeAaTkAQDlR2oi1a4CX3A43w\/i8sDBJV1bvBwohVahX\/jSqWGg3EbXZ6QP8zOTm+7UOdvBjp\/L\/Q06PJudYZ5nElqSGGv7wsN99O0PVbuoC6cMYGjAUaR2N6zjlkla6lYoZOaqqRopkEuw9+jdD69Q+LfVB6JRDMXGav9lD46FNEyIJiVeqB6ZzDvQsF0hDvsVRLgJL7+9brRJ02cWQjc790lJ5\/IV6KYzt9j\/RSvFj6tOV2tIGd37EOisJ+YPY1IBH+PgWTwA3DRjV16UoEmGah9+FadbHorXKCxyXACRs43RPkzvqTtNUWmE8AwOgUe7EC\/9J8tF4f+VwcjMcXUOYGHI\/\/TbgrRbD0olswt2g7FOU08CXcT4q9P5EhZJqdbRLAClKDhcpaHpnIALhs9\/spCNwC+fiiZV7Tw53HfD87aMzVul00joHapiXu0xAHWrzYnvyxan3XTUK4brp9Rd+ypqosrQYXg8tXxXhN2gCrvAxSSqhOi0AEpca8xK6G0v9v0CUzNQz6kqvZlDH6p\/ve+I\/UJjJzO2r+nwP\/kkYPLKURLPOlU2LlQVqmdEO\/WVisJkEHuHJPR23A7KQeH2thBVN+Thg5ujNqOKhOViVqbNg8pufR9snMUVLyyRwm0dnmj2+FzEkPaQh989nT0XCkEi0rSXY86hPcWR9iFN2lZhArJyPVa294V25rWpEW\/OHvdM4ADDANCrM1WZ5WMowmqzunXEtoleaiigLpTCxd3LlJjaFXYrDX1BHEVq1WV3plT4j+nixhYNZq8ZE3\/hyW94eyv6KpvG4EtBSeFQsErwEBuzBi7drPC7om+\/FvzbX0weIxfmZ7jj8ny7KpxaZJELgimpU8u8e83uxIN4BoeSkjfj5VjWx+D7jYgHNq8OgG9twFoxZ3H9zw6VXSCdI1NOfnM2KMD\/3NndebVP7Bw4g1OFMOUMQaJE+p\/hutYxtSNinlqyIasmpEe17RoinamTFr\/UB3iWE5cRk3un3Y\/INeyqfATd6MvewBZd6w2CNW6Ut+QR3OHXzfAPR7\/6gZw80h+dkNvvv2YZhLNR7fFCytlqLfKwcE3ac55lwOG3aYgFqk7QMi8RtpRnejscum+EPD+yhSiEYWEnZF+QhwLomph17hHIbFo6Hy3fB67GLdiSZRhhq4JWcd\/G4Lan+GLmjZ\/bpffZhDJ6tGdL0VJ+cIf2HIzZIXgD8ThWXTKhtlCSiluKhML1guk4QbgZ7Kfg+yYtWCWYNXSV0Bgr7iKsXTsyOQrPSbiA2XbgpfWQnVMOWf6HZk4b4nBF2flUOzID6kjCWzDJN1ov0HY\/u8vkWdZpNVcjbEPhSJYGQuZZjMMwm2AXSr\/FZ512IZZWu0x\/bqScS1nrcHl4mMWzmktdpY8gnlQqutW2y7D1vLp9D4gwkK4UCyoyGVWxcRj+DKF\/FqWRPZFc5lycA7umQmzsHVnR8GTgFUoQIgh5uawTFmxhQqbijSqxg3OVo3sGtJN1EoU6aKaaG1yE6y77re34HM8f3YDYAEa4+f0AjOre1v6n1Cck4EY35qQF3adiya7gTfgi4es9Tl7wB4xkY4G0CO0rR4BPOB4HF7LSimiolDJQ5noah3uv33nk2NTgYmKd0pWY4Rh8M4Jbl3fwk+0Ih3zbPXNJaElCiPyaFOc4r5"}
01255{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":414,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":29,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482896911097,"flow_src_last_pkt_time":1646482896921314,"flow_dst_last_pkt_time":1646482896928135,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1428,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1428,"midstream":0,"thread_ts_usec":1646482896928135,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"108.138.199.67","src_port":43150,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Deezer","proto_id":"91.210","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":25,"category":"Music","hostname":"deezer.com","domainame":"deezer.com","tls": {"version":"TLSv1.3","ja3s":"f4febc55ea12b31ae17cfb7e614afda8","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00774{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":415,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":30,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482916232520,"flow_src_last_pkt_time":1646482916232520,"flow_dst_last_pkt_time":1646482916232520,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482916232520,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"18.65.82.67","src_port":52070,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":415,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":30,"flow_packet_id":1,"flow_src_last_pkt_time":1646482916232520,"flow_dst_last_pkt_time":1646482916232520,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482916232520,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8ooZAAEAGcYnAqAGAEkFSQ8tmAFAueWmfAAAAAKAC+vBogwAAAgQFtAQCCApZaACoAAAAAAEDAwc="}
00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":416,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":30,"flow_packet_id":2,"flow_src_last_pkt_time":1646482916232520,"flow_dst_last_pkt_time":1646482916249193,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482916249193,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8Lu8AAPcGbiASQVJDwKgBgABQy2YtbN9PLnlpoKAS\/\/+hEQAAAgQFoAQCCAqviQYeWWgAqAEDAwk="}
00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":417,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":31,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482940480794,"flow_src_last_pkt_time":1646482940480794,"flow_dst_last_pkt_time":1646482940480794,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482940480794,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"142.250.180.142","src_port":38858,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":417,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":31,"flow_packet_id":1,"flow_src_last_pkt_time":1646482940480794,"flow_dst_last_pkt_time":1646482940480794,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482940480794,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA806FAAEAGYWnAqAGAjvq0jpfKAbsw63pbAAAAAKAC+vDytAAAAgQFtAQCCAoU3PsAAAAAAAEDAwc="}
00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":418,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":31,"flow_packet_id":2,"flow_src_last_pkt_time":1646482940480794,"flow_dst_last_pkt_time":1646482940487405,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482940487405,"pkt":"PKn0qB\/spJGxgjQ5CABFgAA8FycAAHkGJGSO+rSOwKgBgAG7l8rhydulMOt6XKAS\/\/9c9AAAAgQFlgQCCAqRbEHhFNz7AAEDAwg="}
01243{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":419,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":31,"flow_packet_id":3,"flow_src_last_pkt_time":1646482940491250,"flow_dst_last_pkt_time":1646482940487405,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1646482940491250,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI506NAAEAGX2rAqAGAjvq0jpfKAbsw63pc4cnbpoAYAfb+6AAAAQEIChTc+wqRbEHhFgMBAgABAAH8AwO7ribOnVQsY1sOMkcbEYXbLY3qPQQ51Elay7+WtVSrNSAVw+m3VKjUN5Kg0hk0Rcql0l9JhorDl+A6BcRaD2MOQwAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAAUABIAAA9tYXBzLmdvb2dsZS5jb20AFwAA\/wEAAQAACgAOAAwAHQAXABgAGQEAAQEACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAACIACgAIBAMFAwYDAgMAMwBrAGkAHQAgZi1V3KN\/7YwDfK8H3VIJ+hl8oG\/pcyHsJbGlMXjOc2MAFwBBBJu4yUB5A9M8e+22tNqv37PZXfAJovqkKxk\/cRDsm65QH7HDIBoXPUoAJy1c6x2wwBosAz8dzXVrLnN4Hqic9PsAKwAFBAMEAwMADQAYABYEAwUDBgMIBAgFCAYEAQUBBgECAwIBAC0AAgEBABwAAkABABUAhwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01220{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":419,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":31,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646482940480794,"flow_src_last_pkt_time":1646482940491250,"flow_dst_last_pkt_time":1646482940487405,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482940491250,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"142.250.180.142","src_port":38858,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.GoogleMaps","proto_id":"91.123","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"maps.google.com","domainame":"maps.google.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02472{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":420,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":31,"flow_packet_id":4,"flow_src_last_pkt_time":1646482940491250,"flow_dst_last_pkt_time":1646482940513505,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1484,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1484,"pkt_l4_len":1450,"thread_ts_usec":1646482940513505,"pkt":"PKn0qB\/spJGxgjQ5CABFgAW+FzcAAHkGHtKO+rSOwKgBgAG7l8rhydumMOt8YYAQAQVfDAAAAQEICpFsQfsU3PsKFgMDAHoCAAB2AwO+cAbEDWPsOG9Aoyc3T1vqzf\/RucIV2caKYJl\/xX8AJyAVw+m3VKjUN5Kg0hk0Rcql0l9JhorDl+A6BcRaD2MOQxMBAAAuADMAJAAdACDqxFvXuojNNOLUDGJVQD6\/pS4ex48pI\/MhfGnDNiVxagArAAIDBBQDAwABARcDAxmGO3ct6tGPkn2oKW18wCCNVoFB2dDX9BlLCTUZ9VjYMae\/mbNPHUAuiZ9vRuIoefCiQ8kFb4O+HJZQcgfVhqMGbN7RglfdXgWWQavSSlRQyT\/GYSI8\/UIf+AfOkN8TrQxy6iJzrHWNSRydzyEscBtysPYoPRqJCev2t4kd3t9DkQklD70AkCGpFpOjC8AthuU5wwo0VspGupmz9R6axp4s2+J0yco8fk1tNt0XcXtIDkmn9lZUjzsENsY19t4llp5MUY2nMD6oldtnDULVMzNK\/JWLs\/ogHoLjy8Qfme7ab+3fa2zsjnLuS0gipDEcwXuhRJC0j3x7vyQDElOw\/WHXUSYwDH7bp2straTrNDhUsjbXphgKERlrRnOrG9fct7fkGv4HfiFJUtHgL5Bb0atuCe+XDsWVV7YVrL8oMmAFW1TVbbnhBWL5CrGy1KxvPwdtbAkCtKQmkKvlbSW1LDPkV9wM6KfFhwV3yjdMaV0EQda8KyCzO7VdYlnBJitr915VuwhardzQ7PH6+QokzqN2O3LS\/qrkowDvxB6X07jz64gdH8RbmTp7gCE4B3CxFK\/wAkq\/d+BlJvmgG0VZzPykRwk3Z+SYar7ro594ZCb9SWP0c30zUDsx2NQw89aEEs1ReC\/kY+kNhmqgqHCkV\/aPFztbg\/BQZu81YwvFe3zxnNiGAB48ZG5XvLgDJdBnVGxmvXjaJBL\/enErWLgyki7DbD2ed7Ubh6Geue7fK8XVUmpojMqSlHd9N83MBex97rmal\/KhHqRXQzdVkD8lMppo2zxDcJ6vyZ1zISqC0+u0Eec1tSyEV9JuFVKH\/0nOqfpU7X6G0XhWswComBCKDUOqnsSZ2VYmK\/\/NYBNhXubiyqNRkP4NQ54ZWsvHMfVKROJousHF6mxQOO15QPfd8jSe2xkxl5h55j1CoG53oVMlQOESwBAtsMMri4JwZLqS808PiR3YTTzip7k4tGkzsmh0HiNb6+J7Jj8UvtNdCL0nxVpyiZFBp5UGTiPaAfc3GSm+\/qN98Z5ewd0zpkHM9dQk0xSXLVbEmOdphGU70TaUkNP3dEniPwG2bCnpwwKQ6YZULDsWWcEAbGIZP0MHJIfUp09ZTWD+3i4IE6JBMjJqOVCjK0nSoe6k+zGZOocK38CXurxwlIi53W2GsNpS0OTlRvP3uo5KOYGrFYx8jXpmX\/qnY+O6YrnstCj36gBZkzRG4FwWWZ8aX3w9xxyfRqNqaKJ33KXn4x5XQ2LauOV6zsci7LmxPp1SPWguxctM75z9kOtLoPMXjGeJgHjDvVzrZthwByajyjX6P+68T92c688hIA8NFj1q6kxKYu9PyJ\/ExoL9U1KECJ1SJVvhIu5h9QyObfrGNBPjvrSU561D9\/6vcJuynop3dCJJrjuX3FYNV1M8qzg3LiD6rIjahiGTSC+PWTX+1gFiprtsOc61GSaz3JnD+kheoYMnhkYR5soDX4QEbz1IEDT87VOd4cAgMks6tSv7MSxQiKLkUeSEhpneq3rV1+oNXsvqOUzdg17JXxMFJaFkAl8Oab09MIYwsehOPnvo7uPNYVGk\/QW5HrljbeYnmn3xZK6q5NXLQyAoP1PXvYwYJam45lTxfuWj\/J5CtnsXaoy0tM1FyOooW6ZTSwuUcB9nus\/kiArgU1xDb\/3hVgJ7VoT4sVKz34ObKoApxfc\/AnyLjcmaraKOlwc="}
01265{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":420,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":31,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482940480794,"flow_src_last_pkt_time":1646482940491250,"flow_dst_last_pkt_time":1646482940513505,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1418,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1418,"midstream":0,"thread_ts_usec":1646482940513505,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"142.250.180.142","src_port":38858,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.GoogleMaps","proto_id":"91.123","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"maps.google.com","domainame":"maps.google.com","tls": {"version":"TLSv1.3","ja3s":"eb1d94daa7e0344597e756a1fb6e7054","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00775{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":421,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":32,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646482995689179,"flow_src_last_pkt_time":1646482995689179,"flow_dst_last_pkt_time":1646482995689179,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482995689179,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"2.17.140.63","src_port":48902,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":421,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":32,"flow_packet_id":1,"flow_src_last_pkt_time":1646482995689179,"flow_dst_last_pkt_time":1646482995689179,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482995689179,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8enxAAEAGb8fAqAGAAhGMP78GAburV\/8MAAAAAKAC+vDqEgAAAgQFtAQCCArEqeKzAAAAAAEDAwc="}
00560{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":422,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":32,"flow_packet_id":2,"flow_src_last_pkt_time":1646482995689179,"flow_dst_last_pkt_time":1646482995709387,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646482995709387,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8AABAADgG8kMCEYw\/wKgBgAG7vwYhgnsXq1f\/DaAS\/ohOCgAAAgQFtAQCCAocht8\/xKniswEDAwc="}
01245{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":423,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":32,"flow_packet_id":3,"flow_src_last_pkt_time":1646482995711939,"flow_dst_last_pkt_time":1646482995709387,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1646482995711939,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI5en5AAEAGbcjAqAGAAhGMP78GAburV\/8NIYJ7GIAYAfY3gAAAAQEICsSp4socht8\/FgMBAgABAAH8AwNFE1YF0dNQQhTDT2LTts3l72ip1ON6WYuBYFjp45zAOSCfsggN3rEBQ1caacueVCEG9V0G2r03kBuc\/FQ9ILx8tQAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAAVABMAABBhY2NvdW50Lnhib3guY29tABcAAP8BAAEAAAoADgAMAB0AFwAYABkBAAEBAAsAAgEAACMAAAAQAA4ADAJoMghodHRwLzEuMQAFAAUBAAAAAAAiAAoACAQDBQMGAwIDADMAawBpAB0AIKOdg7M8WplrJ1dHmYhafGTWEV65\/XHCmgpJRZB9OyhxABcAQQSUMlyZp7X5PylQs43MbEemG5LZD4aMK86EfSyduzhW1kr6wtZBIJI7MJb\/MCOqF0\/ebXOaYXIP5autWsClQmu8ACsABQQDBAMDAA0AGAAWBAMFAwYDCAQIBQgGBAEFAQYBAgMCAQAtAAIBAQAcAAJAAQAVAIYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01210{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":423,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":32,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646482995689179,"flow_src_last_pkt_time":1646482995711939,"flow_dst_last_pkt_time":1646482995709387,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646482995711939,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"2.17.140.63","src_port":48902,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Xbox","proto_id":"91.47","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game","hostname":"account.xbox.com","domainame":"account.xbox.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02508{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":424,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":32,"flow_packet_id":4,"flow_src_last_pkt_time":1646482995711939,"flow_dst_last_pkt_time":1646482995732146,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646482995732146,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXc7bJAADgG\/vACEYw\/wKgBgAG7vwYhgnsYq1gBEoAQAfrt7gAAAQEIChyG31fEqeLKFgMDAHoCAAB2AwMgX4ftb3H0svKlo38gLKwNa0xpkKciGui3rSBOzeSziSCfsggN3rEBQ1caacueVCEG9V0G2r03kBuc\/FQ9ILx8tRMCAAAuACsAAgMEADMAJAAdACA\/mq72l\/X5wYV7xiehWSBoqC1e8kd0tL5DyVUibFxDIhQDAwABARcDAwA0H3JUn0f6qbdT3p32P454HXDP5IYRoxi3lMRFsJHODkz7xJR5rgRz4MUUYr3T2Jjw+aFRMxcDAw3vtHQjBW4T4HPZPzNcevH+ta4BZOrEGpO7JPPFGNMR+SZNYvq8Khg4xVIZT+TJqq4y1UdQbC0SHZwa\/cWCWVOHJ4ToIVpO8se5z1kQiKjO7tsa2hkllD1P0sE5LzYwhtMXNA34pNAfv+zFj8O8gPl5LrwDPa1lbD2QeNv0JAamm+bK1Ft6MAnnldnEPrq4Dkccu8V4aAK0s4ks79eKH0mEL0W9UbhZ\/5MCDtImAaVNE61E4X\/V8nN1yO04U\/M+zGq+QDSb6KI96yZb7pWQdSDUi8WnroCvk2JjcCQc8V2UmPAo9fJoyWPbso1Qcx9oZRbVGmpDVZpZJrOWGgi+06OP2BFabKp31yRGr4hDuEmV4NyDCCZTO+xQcDQhQmKL+4kf+QXUjoQxs4kZ88In0LC8TmMi9IijejQwkzlmz\/SzXuijmdP4d53ubD8lHcJlgRL3kBKwJzVPYcrYAX1CRyAMdo\/IbRMxxljQ3DomuICtMsuRYbp6mcwPqcIrAT7lmeHwMLiMyHvHZD1A84phaqUY6HK1zep6jPPCQZmcFMe30aF1x5yH+SkMcCyghsMHgbI1R7ukgiBmTOqo7jWbcmiVhQ3L3yDdmanbC\/X\/QWSu9qcxgRX7ZRVxVFJmzrTymCMDxFbbv2s3CZ0yeoVuu+IcPZLPrhl+Zu5URwP4SVK7vlh+4+GvIza4+GqkN\/iTotsJRUh9xU4kieK2ilr07rartoyURS14Wp5ysWUErig4i+Z+g9iCLb2Kl9qn2bQtpePtcXWE0zNCULJ7JKcijniRn2yuzvIbkXJJ+SK7X6gnb3S8RqXxvVa++ZzrhsMsIU1nRIA07F4N5mhI7fT2QOEr1bIB0sF0uUym9USQa2dyAvnC0TjciJMoOroLp+vr9nabRkfhC2rBP+CXRdy7SmA28jGR8iqEYPclnhbN6dpxNxc1ehduJDl3kVBB2ILxwRQaC2afQVb3RTsRefzNwhGX0O98j0\/UpFxsecWW6hkIRJ8PK33ReXB8k1u812Eir3c9+LWrCTMeng5jKJ8kaYlG+UUY7TZF6IJ8qxeaVvJtLvA2a95yHiFCLFCUfViAueCzeu1GIcNv8C1gMmzRalbCLIwqt\/eKesslRNFwLRiOzBi84gBDhUvvVhNjB1RHyyCCpB8MFBTrE5ciQu9PoVtt+eRfCvPulNoFZQ\/+XXXf5uN7WstK2SMAt8kd6Dm8rW5vjIat7oHHJOEVyrEXtFNLBmnsyp\/+A8uu9jhioaZcZu9PbsqgX947cUyzg8DzCw0VYjIzyvV3G+a2\/Dp989Tky7diemEbBta01GDvPjz84jn\/J2yStVEHLiyEi+TIicgi4S5FjZZFIQm3iLCFQn0EI\/LUligLugcu8t3StyiOntIzSbpLiYRvBOQnIAKh0Lq4Ldubzwflx6DfySliFcQtqXOW8YQd6ZIpT21SsUY\/aWaBZy\/s+VcZ73YYOW3ozEwB6pj1aTRZW4iEGdlMBjwMQsIDjKZwJh1m8Kc1S54TnIcrb+2bm66cbtdj1oRkqUnYQnBYu8GAY8z\/8pmY559B3eyC1WTmKaZPMDfFxDzfAZjcjEGDHNdHsDaJiqGd5E4e3X89yPf1bRwd3zq2Ak8YKKRjVBmHmZaDPd3TnmaIa3TKzkLGemc\/Rb\/maLvxxnCwh6Mshn4="}
01255{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":424,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":32,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482995689179,"flow_src_last_pkt_time":1646482995711939,"flow_dst_last_pkt_time":1646482995732146,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1646482995732146,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"2.17.140.63","src_port":48902,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Xbox","proto_id":"91.47","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game","hostname":"account.xbox.com","domainame":"account.xbox.com","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00775{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":425,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":33,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646483012464918,"flow_src_last_pkt_time":1646483012464918,"flow_dst_last_pkt_time":1646483012464918,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646483012464918,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"40.97.160.2","src_port":39828,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":425,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":33,"flow_packet_id":1,"flow_src_last_pkt_time":1646483012464918,"flow_dst_last_pkt_time":1646483012464918,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646483012464918,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8NmFAAEAGec\/AqAGAKGGgApuUAbvrsR4tAAAAAKAC+vCXKwAAAgQFtAQCCAqLefivAAAAAAEDAwc="}
00546{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":426,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":33,"flow_packet_id":2,"flow_src_last_pkt_time":1646483012464918,"flow_dst_last_pkt_time":1646483012642016,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1646483012642016,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA0h61AAOYGgoooYaACwKgBgAG7m5Tksd5d67EeLoAS\/\/96NQAAAgQFtAEDAwgBAQQC"}
01225{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":427,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":33,"flow_packet_id":3,"flow_src_last_pkt_time":1646483012643710,"flow_dst_last_pkt_time":1646483012642016,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":571,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":571,"pkt_l4_len":537,"thread_ts_usec":1646483012643710,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAItNmNAAEAGd9zAqAGAKGGgApuUAbvrsR4u5LHeXlAYAfZhOgAAFgMBAgABAAH8AwO1u+oefRTEOwSLQjLjHhVV0xmNEBLIePou\/aAHVOd2CCAPyrTST2MnYmbxM2VIZnvQo7xJWWszq6XT0HB3y7IoMAAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAAQAA4AAAtvdXRsb29rLmNvbQAXAAD\/AQABAAAKAA4ADAAdABcAGAAZAQABAQALAAIBAAAjAAAAEAAOAAwCaDIIaHR0cC8xLjEABQAFAQAAAAAAIgAKAAgEAwUDBgMCAwAzAGsAaQAdACBWvkXIQj27ydSlWNcrtPVAAtDjckdSwzserfJQbjqaWAAXAEEEmLcB97hFECojXeQm9a5elnWgKYRExdFmjiW10ZfBGP+icRnFpjaWBz97zhMeOCLZ79LJYWeVZvs9jOUTVoTTCAArAAUEAwQDAwANABgAFgQDBQMGAwgECAUIBgQBBQEGAQIDAgEALQACAQEAHAACQAEAFQCLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01212{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":427,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":33,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646483012464918,"flow_src_last_pkt_time":1646483012643710,"flow_dst_last_pkt_time":1646483012642016,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646483012643710,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"40.97.160.2","src_port":39828,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Outlook","proto_id":"91.21","proto_by_ip":"Outlook","proto_by_ip_id":21,"encrypted":1,"breed":"Acceptable","category_id":3,"category":"Email","hostname":"outlook.com","domainame":"outlook.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02490{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":428,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":33,"flow_packet_id":4,"flow_src_last_pkt_time":1646483012643710,"flow_dst_last_pkt_time":1646483012821762,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646483012821762,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXch65AAOYGfOEoYaACwKgBgAG7m5Tksd5e67EgM1AQCAPV9wAAFgMDEU4CAABZAwNiI1ZE1H27b6T6JRvCm\/MD0luKFyMTDe3jrQbpiHy4ICC5MgAADb+Tw4RbiKuNvdQaqUF3iqCf4+0IdypYCofcN8AwAAARAAUAAAAjAAAAFwAA\/wEAAQALAA2dAA2aAAiqMIIIpjCCB46gAwIBAgIQBlZfm2qDLxvIgJ9OV3KS5zANBgkqhkiG9w0BAQsFADBLMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSUwIwYDVQQDExxEaWdpQ2VydCBDbG91ZCBTZXJ2aWNlcyBDQS0xMB4XDTIxMTIyMjAwMDAwMFoXDTIyMTIyMjIzNTk1OVowajELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEUMBIGA1UEAxMLb3V0bG9vay5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB9wlkgtAgWRPrtQjN+hjPY9n1E5BhRmtLNo5GgPTzKcmU9tJGqc3zsJF3xgbCIc1AB8dt7DonJfZNasePo6d0IRrMqsbrNLn0GUGS9qjY3dLxV51XQ61Sd9T5EQIE\/XwKZh3BtIehwUH0rE3omOA9+auyHPSNQb+BS4A5N6ZgG9TmdvEIgWfY9f1Id2M+DUxfatVW0Jp89Wvw8GBDfyzllLm0\/EDzmv3rk1vx4MWpb91yl2TwrYu1EMiyNNtVWRMGhTp1gkz5aMgVZO6TpdbLjcEUMxNrBEfUptVSqyzS++eERCA14Kg2rdfoONwwYHx3GIbJwcFbAJhsLXa\/I7dxAgMBAAGjggVlMIIFYTAfBgNVHSMEGDAWgBTdUdCiMXOpc66PtAF+XYxXy5\/w9zAdBgNVHQ4EFgQU3Odtv0FtIj23r9K5dpo4sXI2NS8wggIQBgNVHREEggIHMIICA4IWKi5pbnRlcm5hbC5vdXRsb29rLmNvbYINKi5vdXRsb29rLmNvbYILb3V0bG9vay5jb22CDW9mZmljZTM2NS5jb22CDyoub2ZmaWNlMzY1LmNvbYIXKi5vdXRsb29rLm9mZmljZTM2NS5jb22CDCoub2ZmaWNlLmNvbYISb3V0bG9vay5vZmZpY2UuY29tghRzdWJzdHJhdGUub2ZmaWNlLmNvbYIbYXR0YWNobWVudC5vdXRsb29rLmxpdmUubmV0gh1hdHRhY2htZW50Lm91dGxvb2sub2ZmaWNlLm5ldIIgYXR0YWNobWVudC5vdXRsb29rLm9mZmljZXBwZS5uZXSCFmF0dGFjaG1lbnRzLm9mZmljZS5uZXSCFiouY2xvLmZvb3RwcmludGRucy5jb22CFioubnJiLmZvb3RwcmludGRucy5jb22CHWNjcy5sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tgiFjY3Mtc2RmLmxvZ2luLm1pY3Jvc29mdG9ubGluZS5jb22CGHN1YnN0cmF0ZS1zZGYub2ZmaWNlLmNvbYIaYXR0YWNobWVudHMtc2RmLm9mZmljZS5uZXSCCioubGl2ZS5jb22CFm1haWwuc2VydmljZXMubGl2ZS5jb22CC2hvdG1haWwuY29tgg0qLmhvdG1haWwuY29tMA4GA1UdDwEB\/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwgY0GA1UdHwSBhTCBgjA\/oD2gO4Y5aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0Q2xvdWRTZXJ2aWNlc0NBLTEtZzEuY3JsMD+gPaA7hjlodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRDbG91ZFNlcnZpY2VzQ0EtMS1nMS5jcmw="}
02505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":429,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":33,"flow_packet_id":5,"flow_src_last_pkt_time":1646483012643710,"flow_dst_last_pkt_time":1646483012821837,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646483012821837,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXch69AAOYGfOAoYaACwKgBgAG7m5TkseQS67EgM1AQCAPVywAAMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB8BggrBgEFBQcBAQRwMG4wJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NweC5kaWdpY2VydC5jb20wRQYIKwYBBQUHMAKGOWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydENsb3VkU2VydmljZXNDQS0xLmNydDAMBgNVHRMBAf8EAjAAMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZcJV3HhAAAAX3fdqGRAAAEAwBHMEUCIG19vZQ3ztPNq5S85GBThQ4+TBDHFxFC0nXZ4LXpUu3rAiEA8+M15TzZmOUopQftFbHUpCuDhU09pI7ZIoZ4rqlvzwYAdwBRo7D1\/QF5nFZtuDd4jwykeswbJ8v3nohCmg3+1IsF5QAAAX3fdqIKAAAEAwBIMEYCIQCCt\/CWyrB3z5L9JJQqtKhuKwSHXVPO\/nIzLQIRvE8QSAIhALAUu2+684sYBmTAWbK9qLsoHMJRLVDtf7PKkkuPEhCsAHUAQcjKsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF933aiIAAABAMARjBEAiAmY6DHSC0PRZfjQURv9gfH7XNEvLtjnimdIZ9DL1pP\/wIgEm240\/6jgHbB2vouW4klCYLhx1mBUl2EGyo40QGnLN8wDQYJKoZIhvcNAQELBQADggEBAKs0Do0f0D7XJa8EwMbjj8gm+KWD\/Y615EL0mYouOSdmvSw1h3kWcf3Z3gP9p7LPMTiWc9WgaATbbQQyCdIiD4lE+y\/Hgw+bok2WmRbY6mYbpvHNrk5MrGqzAuJQP6PKt3aBz7PPYPmXPTacuSVPid0KRE9WekJR9Qbk7uWzQ9sUrU4qL0vpapgXTftedAVBzNTW+x6T9ZQXCGPbPWrvcN8p2WRUpvQPorVZ+8K6hKQ74Unfe858rN6lgFCEo0o1k\/W4HSPYM\/GX2BRkg5zPfLO7nMgTuWoOm6j0aPk8QFiDRXKTGIlkTm3CU1U8PU5zGVtJrxLepFiwH8haosDkiUMABOowggTmMIIDzqADAgECAhAPFxpIxvIjgJIYzS7W3cDoMA0GCSqGSIb3DQEBCwUAMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMB4XDTIwMDkyNTAwMDAwMFoXDTMwMDkyNDIzNTk1OVowSzELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzElMCMGA1UEAxMcRGlnaUNlcnQgQ2xvdWQgU2VydmljZXMgQ0EtMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANGt9ocUeVQnV8cvBWg8mzzNZ+xFECyE8qRHxNlTQkUJu+T+M8HXvEYv0Yvmt7VneHxqcL79uOW2VM9MXqy4InRzVSkIc8hk99CVCQ55g1C\/X\/XUzJtCYY6ABLlBqs5OEpmbrNbFvlsCc7UWpKtxYtSY6kA5hab2uy\/o54fCi\/acMs3s+D6\/ied0I4JL2uq\/c6YlPP2\/qeVo\/\/gwomDHOy6j88V\/Ozv9DzGhfHQP0L8UxL1o8aXna6ffmwB+RiVO5ugT8\/YGx9RvCycgQl1hvD9g0nyWcsl8sIv\/+UgFUwT6Iq+3zVFdbd2QdAPwM0\/0x8A+VkZHr3Mgi9x6PqPyXf8CAwEAAaOCAa4wggGqMB0GA1UdDgQWBBTdUdCiMXOpc66PtAF+XYxXy5\/w9zAfBgM="}
02010{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":431,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":33,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":5,"flow_first_seen":1646483012464918,"flow_src_last_pkt_time":1646483012643710,"flow_dst_last_pkt_time":1646483012821897,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":4435,"midstream":0,"thread_ts_usec":1646483012821897,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"40.97.160.2","src_port":39828,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Outlook","proto_id":"91.21","proto_by_ip":"Outlook","proto_by_ip_id":21,"encrypted":1,"breed":"Acceptable","category_id":3,"category":"Email","hostname":"outlook.com","domainame":"outlook.com","tls": {"version":"TLSv1.2","server_names":"*.internal.outlook.com,*.outlook.com,outlook.com,office365.com,*.office365.com,*.outlook.office365.com,*.office.com,outlook.office.com,substrate.office.com,attachment.outlook.live.net,attachment.outlook.office.net,attachment.outlook.officeppe.net,attachments.office.net,*.clo.footprintdns.com,*.nrb.footprintdns.com,ccs.login.microsoftonline.com,ccs-sdf.login.microsoftonline.com,substrate-sdf.office.com,attachments-sdf.office.net,*.live.com,mail.services.live.com,hotmail.com,*.hotmail.com","ja3s":"71d9ce75f347e6cf54268d7114ae6925","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","issuerDN":"C=US, O=DigiCert Inc, CN=DigiCert Cloud Services CA-1","subjectDN":"C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=outlook.com","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","fingerprint":"4E:39:B4:13:4B:8C:77:57:7D:80:3D:76:40:E8:88:22:05:00:1C:58","blocks":0}}}
00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":434,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":434,"packets-processed":433,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":185341,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":29,"total-detection-updates":32,"total-updates":0,"current-active-flows":24,"total-active-flows":33,"total-idle-flows":9,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":253,"global_ts_usec":1646495488872237}
00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":434,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646495488872237,"flow_src_last_pkt_time":1646495488872237,"flow_dst_last_pkt_time":1646495488872237,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495488872237,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"15.160.39.187","src_port":45898,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":434,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":34,"flow_packet_id":1,"flow_src_last_pkt_time":1646495488872237,"flow_dst_last_pkt_time":1646495488872237,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646495488872237,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8\/MhAAEAGRHDAqAGAD6Anu7NKAbvmP22QAAAAAKAC+vBpUQAAAgQFtAQCCAoE\/txmAAAAAAEDAwc="}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":435,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":34,"flow_packet_id":2,"flow_src_last_pkt_time":1646495488872237,"flow_dst_last_pkt_time":1646495488880478,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646495488880478,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8AABAADIGTzkPoCe7wKgBgAG7s0optQbo5j9tkaAS9LPzBQAAAgQFtAQCCAoEQEeaBP7cZgEDAwc="}
01245{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":436,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":34,"flow_packet_id":3,"flow_src_last_pkt_time":1646495488882948,"flow_dst_last_pkt_time":1646495488880478,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1646495488882948,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI5\/MpAAEAGQnHAqAGAD6Anu7NKAbvmP22RKbUG6YAYAfaZtgAAAQEICgT+3HEEQEeaFgMBAgABAAH8AwO25geT89HZVQIHdAvPqVcdroWBp1YfQbaMJ\/IT9jA01iAQ9v2Qg1QtgoSL\/wrZgtn2pCmqUafGB71JcGJ1a5vPpQAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAAWABQAABFndXp6b25pLmFwcGxlLmNvbQAXAAD\/AQABAAAKAA4ADAAdABcAGAAZAQABAQALAAIBAAAjAAAAEAAOAAwCaDIIaHR0cC8xLjEABQAFAQAAAAAAIgAKAAgEAwUDBgMCAwAzAGsAaQAdACAfoSMbRE149N9PW6YpT\/B1gLVQ\/izORnimYk5vzkOPIwAXAEEEYgA3US97mm0LBVaj+yl1ih4nt3Ma4wqV+qwTQtcgUnIu95ynuvYl8aODuWCNRrQ8KDDItT25yW1YelOufG9kvAArAAUEAwQDAwANABgAFgQDBQMGAwgECAUIBgQBBQEGAQIDAgEALQACAQEAHAACQAEAFQCFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01241{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":436,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646495488872237,"flow_src_last_pkt_time":1646495488882948,"flow_dst_last_pkt_time":1646495488880478,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495488882948,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"15.160.39.187","src_port":45898,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.AppleSiri","proto_id":"91.254","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":32,"category":"VirtAssistant","hostname":"guzzoni.apple.com","domainame":"guzzoni.apple.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":437,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":34,"flow_packet_id":4,"flow_src_last_pkt_time":1646495488882948,"flow_dst_last_pkt_time":1646495488890513,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646495488890513,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXc3OJAADIGbLYPoCe7wKgBgAG7s0optQbp5j9vloAQAebPtQAAAQEICgRAR6UE\/txxFgMDAHoCAAB2AwNJ2HRqoT52PRFw7cmJJgArKEzeqz+jlvbkw\/WJIh9cmyAQ9v2Qg1QtgoSL\/wrZgtn2pCmqUafGB71JcGJ1a5vPpRMBAAAuADMAJAAdACCiqYYCZfqcpaqWbOn8XpMx60m948SzpJySebBBQcJXcgArAAIDBBQDAwABARcDAw6p3GJeV40OLlIOgvs6jLGbPMEcdT4zKG\/rVsUsq9ymTcYjT7RyyNUzyEMQE+S2Zd7yCWPh\/OyiGHU6g8os2NCfseJGLoK7lbSLwXQa3FDIkf6yhpXHPGTc10MmnkAoDaVFX0aAZ5PLjqC+tXrOLCMEeUq3rQWeQwWvDvlbnzHvNaPAbd1NBT\/UAJ6Na5yRPrnesEFTl+9q5rCZ1fXvAoCX0glY4wCzt6l5vOP1A1nO4vnps2cZ9ThTckti2FChzBRLR6ClfR2SG3kjGN+1W4ipMLw0+QtWjvnS+WxrGHUNL2fovCY5M1fRkd3bP+yHpRWMS2p4dpxb9dVTLye9c1ap7SaIdd7\/HgBrivEF08UI7YeMs2IEerr4OOaHf1N0kxHNhtQ3bVXniVdYbR6zkSPli9+nnPjaNL4O8hez4C8MJXhsSukIcNDZm4PF4L\/rHSVZxTJQHDGlsiw4wwr19KcNmuoGHexlFvakHZ6PDkrqR7ujT9Ep6Dj\/CzQ592O+w6F9IsocfqVB56rY+bg6lajMzzOiakFaiBadRsPq2ENUszExC0jisja0iw4snp0\/+POhBKKhbdM\/sVfmeDfBzpi\/3wjEFn60tvJMYOaRpCne2S60gpFJ9qyepqTGMIHVY0ww\/9dEhDz+P46yv52XhYyewm6W74Tp59tfHLtqBHQFmO82lFAY7+2MbuGSPzAQAazKDYijfVnptZ48m+HWM5RxnMbYHQLaOPJGR8a+4bZ2n89Z6rSEfpkMFcu0YAqB1SuQq43+W4jGbpojxeEPrSpL2e05DJ5Td7zSaatqEKZLLoJLxArCEuhiO5xyQQ12BF7KYp+ykEyGGRaw8lRoNzFrZbolwcLJHNbiCqHsPQLLrqsWIBZMvXRQWNLk3zOCwr4gvtRVNRsxDTCJWoZiuZ3gXYo6ZT57kYkOtQAgWHUTz15wcxgIY6ZvzFFlzrOSETElJDMmreyYinxqBFgF9g5gsWbFrEjNBnDevi7joYbVislYKg6YD7zEweiWl+cBs5enDDuQNmgYBE\/YHqsFBdedvFjNr0qEgDpTRxGOWja9YpG6SAOOLYIX88admQUKSk1Rzi0esjjBPnt5tBRTJ0wWdv5EHqKTbfYUJDML44YwiAK3CNKWaiMowrqoyT7eKq1gJn2qr2kK7aHPu\/UkGFaycKY4\/z9cWbTM8GkZX4QuNkD6mWq4Yo25McmerRc2mv0HQBveUQo4zdL62txvtqlZE\/qf\/GuYRk9dEVG4D7o7nnLBCBg3Ln5JwT+0KIxZvsaLFe07yrHvILrhgOyqVYe86QwZYd3ARcSONBjCfwGzWlKPMT6pJZqd0QD1Fx+PEavK4aQ23zI5AcDyKlMOmhWqPhNXqPyZZRpKIyWKid\/\/TmsDguDOykvIDl7nSF8NSG871hK5WzkITmp\/zBszG3faHyeVPl8T8JMA2yvXwSCkNmrFzOPuzojqw1l4ab1OMPUqVLntrRXRFIwAcdhzF+19UWU0j9YQvmoU3xjbhvLNgkOtM8QMdNstONtHAHSSo4bZjVCFFZdC6Q\/CUmE7rdGltQcSlcqdkxPjZmqhxTzIrDNCtin1EVB6wuhVjWfwWHIN60C2CD8ay0MB3Gi+SHpOX6MeAvrP30pcgOuLqkKAB7VFhq4MbYWubAogOnNNhDcMknhXoa6bpJcD0O1KZR3urXANhx4EsWg30jyw6DXL3kOb8fH6pXnItSNnRB96FDbfluT58nmg91VBbygcbA4="}
01286{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":437,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646495488872237,"flow_src_last_pkt_time":1646495488882948,"flow_dst_last_pkt_time":1646495488890513,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"15.160.39.187","src_port":45898,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.AppleSiri","proto_id":"91.254","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":32,"category":"VirtAssistant","hostname":"guzzoni.apple.com","domainame":"guzzoni.apple.com","tls": {"version":"TLSv1.3","ja3s":"eb1d94daa7e0344597e756a1fb6e7054","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00972{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":22,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":1,"flow_first_seen":1646482825245035,"flow_src_last_pkt_time":1646482890229130,"flow_dst_last_pkt_time":1646482890325852,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"69.191.252.15","src_port":39036,"dst_port":80,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Bloomberg","proto_by_ip_id":246,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"","domainame":"","http": {}}}
00777{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":22,"flow_state":"info","flow_src_packets_processed":7,"flow_dst_packets_processed":1,"flow_first_seen":1646482825245035,"flow_src_last_pkt_time":1646482890229130,"flow_dst_last_pkt_time":1646482890325852,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"69.191.252.15","src_port":39036,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00973{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":5,"flow_first_seen":1646482879566800,"flow_src_last_pkt_time":1646482879614533,"flow_dst_last_pkt_time":1646482879632889,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":643,"flow_dst_tot_l4_payload_len":4121,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"23.1.68.189","src_port":57336,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Playstation","proto_id":"91.231","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game"}}
00978{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":10,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482623895784,"flow_src_last_pkt_time":1646482623941304,"flow_dst_last_pkt_time":1646482623982001,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1380,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1380,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"31.222.67.112","src_port":35054,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Badoo","proto_id":"91.279","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork"}}
00974{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482879964649,"flow_src_last_pkt_time":1646482879983523,"flow_dst_last_pkt_time":1646482879998959,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"23.51.246.65","src_port":46264,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Playstation","proto_id":"91.231","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game"}}
00988{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":24,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482845216543,"flow_src_last_pkt_time":1646482845241664,"flow_dst_last_pkt_time":1646482845260491,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1428,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1428,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"108.139.210.102","src_port":57014,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Bloomberg","proto_id":"91.246","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
00977{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":33,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":6,"flow_first_seen":1646483012464918,"flow_src_last_pkt_time":1646483012833860,"flow_dst_last_pkt_time":1646483013011740,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":675,"flow_dst_tot_l4_payload_len":4761,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"40.97.160.2","src_port":39828,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Outlook","proto_id":"91.21","proto_by_ip":"Outlook","proto_by_ip_id":21,"encrypted":1,"breed":"Acceptable","category_id":3,"category":"Email"}}
00972{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":13,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482659915877,"flow_src_last_pkt_time":1646482659945895,"flow_dst_last_pkt_time":1646482659961974,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1340,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1340,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"146.75.62.167","src_port":46084,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Twitch","proto_id":"91.195","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":26,"category":"Video"}}
00979{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":21,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482802720593,"flow_src_last_pkt_time":1646482802732248,"flow_dst_last_pkt_time":1646482802742412,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1418,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1418,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"35.201.112.136","src_port":47122,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.LastFM","proto_id":"91.134","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":1,"breed":"Fun","category_id":25,"category":"Music"}}
00968{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":14,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1646482686914106,"flow_src_last_pkt_time":1646482686914106,"flow_dst_last_pkt_time":1646482687080565,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"208.85.40.158","src_port":45936,"dst_port":80,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"HTTP","proto_id":"7","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"","domainame":"","http": {}}}
00777{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":14,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1646482686914106,"flow_src_last_pkt_time":1646482686914106,"flow_dst_last_pkt_time":1646482687080565,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"208.85.40.158","src_port":45936,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00970{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":30,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1646482916232520,"flow_src_last_pkt_time":1646482916232520,"flow_dst_last_pkt_time":1646482916249193,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"18.65.82.67","src_port":52070,"dst_port":80,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"HTTP","proto_id":"7","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"","domainame":"","http": {}}}
00775{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":30,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1646482916232520,"flow_src_last_pkt_time":1646482916232520,"flow_dst_last_pkt_time":1646482916249193,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"18.65.82.67","src_port":52070,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00980{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":15,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482724450800,"flow_src_last_pkt_time":1646482724464401,"flow_dst_last_pkt_time":1646482724472137,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1428,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1428,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"18.66.196.102","src_port":51806,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.SoundCloud","proto_id":"91.234","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":25,"category":"Music"}}
00974{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":20,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1646482801387341,"flow_src_last_pkt_time":1646482801387341,"flow_dst_last_pkt_time":1646482801394699,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"34.96.123.111","src_port":44954,"dst_port":80,"l4_proto":"tcp","ndpi": {"confidence": {"1":"Match by port"},"proto":"HTTP","proto_id":"7","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":0,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"","domainame":"","http": {}}}
00777{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":20,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1646482801387341,"flow_src_last_pkt_time":1646482801387341,"flow_dst_last_pkt_time":1646482801394699,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"34.96.123.111","src_port":44954,"dst_port":80,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":23,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":6,"flow_first_seen":1646482844787933,"flow_src_last_pkt_time":1646482844818910,"flow_dst_last_pkt_time":1646482844825719,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1340,"flow_src_tot_l4_payload_len":610,"flow_dst_tot_l4_payload_len":4736,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"151.101.193.73","src_port":43412,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Bloomberg","proto_id":"91.246","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
00977{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":31,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482940480794,"flow_src_last_pkt_time":1646482940491250,"flow_dst_last_pkt_time":1646482940513505,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1418,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1418,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"142.250.180.142","src_port":38858,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.GoogleMaps","proto_id":"91.123","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
00985{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":11,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482634412021,"flow_src_last_pkt_time":1646482634434348,"flow_dst_last_pkt_time":1646482634459323,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1460,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"172.65.251.78","src_port":53998,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.GitLab","proto_id":"91.262","proto_by_ip":"Cloudflare","proto_by_ip_id":220,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}}
00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":18,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482772264409,"flow_src_last_pkt_time":1646482772294676,"flow_dst_last_pkt_time":1646482772325972,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"185.125.190.21","src_port":42884,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.UbuntuONE","proto_id":"91.169","proto_by_ip":"UbuntuONE","proto_by_ip_id":169,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
00980{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":25,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":6,"flow_first_seen":1646482860064890,"flow_src_last_pkt_time":1646482860127141,"flow_dst_last_pkt_time":1646482860150984,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":675,"flow_dst_tot_l4_payload_len":4801,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.107.42.14","src_port":48654,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.LinkedIn","proto_id":"91.233","proto_by_ip":"Azure","proto_by_ip_id":276,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork"}}
00975{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":19,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482791144413,"flow_src_last_pkt_time":1646482791170130,"flow_dst_last_pkt_time":1646482791191818,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"95.101.195.214","src_port":51432,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Hulu","proto_id":"91.137","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming"}}
00972{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":17,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482759960442,"flow_src_last_pkt_time":1646482759982731,"flow_dst_last_pkt_time":1646482760002525,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"2.17.141.49","src_port":40832,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.eBay","proto_id":"91.179","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":27,"category":"Shopping"}}
00977{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":29,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482896911097,"flow_src_last_pkt_time":1646482896921314,"flow_dst_last_pkt_time":1646482896928135,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1428,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1428,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"108.138.199.67","src_port":43150,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Deezer","proto_id":"91.210","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":25,"category":"Music"}}
01118{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482866432813,"flow_src_last_pkt_time":1646482866451722,"flow_dst_last_pkt_time":1646482866473555,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1460,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"104.23.98.190","src_port":39934,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"TLS.Pastebin","proto_id":"91.232","proto_by_ip":"Cloudflare","proto_by_ip_id":220,"encrypted":1,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}}
00973{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":12,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":6,"flow_first_seen":1646482646628933,"flow_src_last_pkt_time":1646482646676232,"flow_dst_last_pkt_time":1646482646693050,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":643,"flow_dst_tot_l4_payload_len":5202,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"2.17.141.128","src_port":42580,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Activision","proto_id":"91.258","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game"}}
00964{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":16,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482753482315,"flow_src_last_pkt_time":1646482753507544,"flow_dst_last_pkt_time":1646482753526341,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"23.1.66.79","src_port":48140,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.CNN","proto_id":"91.180","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
00965{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":32,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646482995689179,"flow_src_last_pkt_time":1646482995711939,"flow_dst_last_pkt_time":1646482995732146,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1646495488890513,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"2.17.140.63","src_port":48902,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Xbox","proto_id":"91.47","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game"}}
00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":35,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646495650748124,"flow_src_last_pkt_time":1646495650748124,"flow_dst_last_pkt_time":1646495650748124,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495650748124,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"52.113.194.132","src_port":57878,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":438,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":35,"flow_packet_id":1,"flow_src_last_pkt_time":1646495650748124,"flow_dst_last_pkt_time":1646495650748124,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646495650748124,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8GIFAAEAGaR3AqAGANHHChOIWAbvSHIRRAAAAAKAC+vCUIQAAAgQFtAQCCApnoF3vAAAAAAEDAwc="}
00547{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":439,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":35,"flow_packet_id":2,"flow_src_last_pkt_time":1646495650748124,"flow_dst_last_pkt_time":1646495650768253,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1646495650768253,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA0H0NAAHQGLmM0ccKEwKgBgAG74hatJvO00hyEUoAS\/\/\/a2QAAAgQFoAEDAwgBAQQC"}
01229{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":440,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":35,"flow_packet_id":3,"flow_src_last_pkt_time":1646495650768482,"flow_dst_last_pkt_time":1646495650768253,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":571,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":571,"pkt_l4_len":537,"thread_ts_usec":1646495650768482,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAItGINAAEAGZyrAqAGANHHChOIWAbvSHIRSrSbztVAYAfbGZQAAFgMBAgABAAH8AwO6eoC9IxGTkdV9vVeJGWk4znzi7kZuVq2WW+Nl\/2Sg0SCU+jy21h8ySE7r\/PfMeW\/+6AejiqSkX1JQLDj\/qy1dewAgSkoTARMCEwPAK8AvwCzAMMypzKjAE8AUAJwAnQAvADUBAAGTCgoAAAAAABUAEwAAEHRlYW1zLm9mZmljZS5jb20AFwAA\/wEAAQAACgAKAAjKygAdABcAGAALAAIBAAAjAAAAEAAOAAwCaDIIaHR0cC8xLjEABQAFAQAAAAAADQASABAEAwgEBAEFAwgFBQEIBgYBABIAAAAzACsAKcrKAAEAAB0AIP361tTnT+5yNMG5uzlpGoadVy4F1\/ksgWxYfkq0hvgPAC0AAgEBACsABwYaGgMEAwMAGwADAgACRGkABQADAmgyWloAAQAAFQDHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01246{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":440,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":35,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646495650748124,"flow_src_last_pkt_time":1646495650768482,"flow_dst_last_pkt_time":1646495650768253,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495650768482,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"52.113.194.132","src_port":57878,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Microsoft365","proto_id":"91.219","proto_by_ip":"Teams","proto_by_ip_id":250,"encrypted":1,"breed":"Acceptable","category_id":15,"category":"Collaborative","hostname":"teams.office.com","domainame":"teams.office.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1516h2_8daaf6152771_e5627efa2ab1","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2","blocks":0}}}
02497{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":441,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":35,"flow_packet_id":4,"flow_src_last_pkt_time":1646495650768482,"flow_dst_last_pkt_time":1646495650804279,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646495650804279,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcH0VAAHUGJ7k0ccKEwKgBgAG74hatJvO10hyGV1AQBACfWAAAFgMDD1ECAABiAwNiI4ei5YRNuy2OmywGACayueg1qbPXmXIcqQLyEbh0kSDMNgAAahCvQqRJprL3QEMn2EkfKvJsk5Uz6nFmODR83sAwAAAaACMAAAAQAAUAAwJoMgAXAAD\/AQABAAAAAAALAA12AA1zAAgPMIIICzCCBfOgAwIBAgITEgAX5vHA305TdHMSCwAAABfm8TANBgkqhkiG9w0BAQsFADBPMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSAwHgYDVQQDExdNaWNyb3NvZnQgUlNBIFRMUyBDQSAwMTAeFw0yMTA5MDYyMjAyMDZaFw0yMjA5MDYyMjAyMDZaMBsxGTAXBgNVBAMTEHRlYW1zLm9mZmljZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZHV5h+NwsEBtaHtLKXJoP1ZQRHJt1aJ7UJXi0Nyg42Oq7rqdS9q50qaMOj8mjtDcBLe9a5nJdUTe5\/A83BRTsm+E936LxK\/HNHW8w1Nr62DgoG4pekVGA9CDOo3AGRtgan\/rbV8hCm2Uw+h19AxObusrWRf3oUegIrqXRr58ZAnq5sK69oKyLr5HvLtWPaArXeCmDrEzy7j1Y6RcgYdFlyC9jL8l8neIhu\/KaUiLODUqdwAxaNeINhwK8SfIQfziFO0BosI7RBicovG7geMHuhyNMMr0LDo\/Xq5kQ5h\/NdK\/+WWh4Ht4XsXJYns0PTxExCdY3QHLFxuZJw3SO47NBAgMBAAGjggQSMIIEDjCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHcARqVV63X6kSAwtaKJafTzfREsQXS+\/Um4havy\/HD+bUcAAAF7vSs+5QAABAMASDBGAiEAonjfpBbSm3nHRZAbEfpncC3C5RzBbegUTYwBhoou1EsCIQCelUHtsbLdVgFYlsDftjojF\/hac9xApX58m5SH8+g5WQB2AFGjsPX9AXmcVm24N3iPDKR6zBsny\/eeiEKaDf7UiwXlAAABe70rProAAAQDAEcwRQIhANjQ3Fm5YD7ZKfIAkpLsGDcsq6sa8kYYvJc3USn3qMIlAiBT+tQvO5yR88ii\/dtdnt69nKOpLD2xAANcDUfS0t9WcwB2ACl5vvCeOTkh8FZzn2Old+W+V32cYAr4+U1dJlwlXceEAAABe70rPp4AAAQDAEcwRQIhAJxP7ULGZ4kEuWGuTDMFNy1qboWh6IxtqNIco0Xn78syAiBxYJ4OPQkUcuezv1Ad1XdydanXi4j+lfe+ayssk92anzAnBgkrBgEEAYI3FQoEGjAYMAoGCCsGAQUFBwMBMAoGCCsGAQUFBwMCMD4GCSsGAQQBgjcVBwQxMC8GJysGAQQBgjcVCIfahnWD7tkBgsmFG4G1nmGF9OtggV2Fho5Bh8KYUAIBZAIBJzCBhwYIKwYBBQUHAQEEezB5MFMGCCsGAQUFBzAChkdodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9NaWNyb3NvZnQlMjBSU0ElMjBUTFMlMjBDQSUyMDAxLmNydDAiBggrBgEFBQcwAYYWaHR0cDovL29jc3AubXNvY3NwLmNvbTAdBgNVHQ4EFgQUh855pDsSg4T3Ruw4gLdcAilfT\/swDgYDVR0PAQH\/BAQDAgSwMBsGA1UdEQQUMBKCEHRlYW1zLm9mZmljZS5jb20wgbAGA1UdHwSBqDCBpTCBoqCBn6CBnIZNaHR0cDovL21zY3JsLm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9jcmwvTWljcm9zb2Z0JTIwUlNBJTIwVExTJTIwQ0ElMjAwMS5jcmyGS2h0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL2NybC8="}
02506{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":442,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":35,"flow_packet_id":5,"flow_src_last_pkt_time":1646495650768482,"flow_dst_last_pkt_time":1646495650804323,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646495650804323,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcH0ZAAHUGJ7g0ccKEwKgBgAG74hatJvlp0hyGV1AQBAB1BAAATWljcm9zb2Z0JTIwUlNBJTIwVExTJTIwQ0ElMjAwMS5jcmwwVwYDVR0gBFAwTjBCBgkrBgEEAYI3KgEwNTAzBggrBgEFBQcCARYnaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3BzMAgGBmeBDAECATAfBgNVHSMEGDAWgBS1dgwwEc7HkkJNTMdcLMipDOgLZDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggIBABuhwOU31koi5iKg9Q\/epQv9qBrE4Ltx8oVqrgYBKx4NnBjFi1xsPcTSZqNm0Nc+Gw5+PBUVzqYxMT8680kRWaFOS06XLASEY\/amlybn4b\/hxyklpXHbiJoQQhERkyT9vZjwRnFbiHS0DVMifhsugt0\/9di59YclEiclB3NQ7Wan13Bf9rqNkCsETRZCv9atvi0Ek9O3vxaDAOPToOs5FEQ93fgmyUe5q9H26VKbI2Iet8RyIgeEENOW9gtEMLTVmeFAZWKrwzh7Ullh0joA6eTTZOBllDVv8VivhxSZ3k781FuCYxMcZQvaXJo1RuiMCto7iZsF0zihXdnQIrEPFLUQAjzUJhyKtdv7zYw0tpfrlJeNkPIHsqcUqL8kezdGuCGyjXSgiB0H3fvHzOfg6gyZlYneoXdGGNnH4vNOvWAA1PdFPX1AR6a0hVY8T4t5Qlpwh3XY6IsCqvNFnkrZJ4MXuNhuYjrCPYvZ\/vbYQgEs7J\/rBmgiWcHaav7NICHOj8OW+m9O97A2NbUX\/BDbDkSh\/z8ZUv\/eD0QxNWhIjizJYm\/wpgcOBI+U4SMREYmxiJC6q5kOPzdBENNvGECbAkLE97X+k+RqZBSLBzioT3VFYeJMqvTRtHQpJGMVYHIq2hCf4oV8hBgPu3\/Joywosj1FMvOsl\/tDInVTb31fpWhxAAVeMIIFWjCCBEKgAwIBAgIQDxSWXyAgaZlP1ceseIlB4jANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTIwMDcyMTIzMDAwMFoXDTI0MTAwODA3MDAwMFowTzELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEgMB4GA1UEAxMXTWljcm9zb2Z0IFJTQSBUTFMgQ0EgMDEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqYnfPmmOyBoTzkDb0mfMUUavqlQo7Rgb9EUEf\/lsGWMk4bgj8T0RIzTqk970eouKVuL5RIMW\/snBjXXgMQ8ApzWRJCZbar879BV8rKpHoAW4uGJssnNABf2n17j9TiFy6BWy+IhVnFILyLNK+W2M3zK9gheiWa2uACKhuvgCca5Vw\/OQYErEdG7LBEzFnMzTmJcliW1iCdXby\/vI\/OxbfqkKD4zJtm45DJvC9Dh+hpzqvLMiK5uo\/+aXSJY+SqhoIEpz+rErHw+uAlKuHFtEjSeeku8eR3+Z5ND9BSqc6JtLqb0bjOHPm5dSRrgt4nnil75bjc9j3lWXpBb9PXP9Sp\/nPCK+nTQmZwHGjUnqlO9ebAVQD47ZisFonnDAmjrZNVqEXF3p7laEHrFMxttYuD81BdOzxAbL9Rb\/8MeFGQjE2Qx65qgVfhH+RsYuuD9dUw\/3wZAhq05yO6nk07AM9c+AbNtRoEcdZcLCHfMDcbkXKNs5DJncCqXAN6LhXVERCw\/usG2MmCMLSIx9\/kwt8bwhUmitOXc6fpT7SmFvRAtvxg84wUkg4Y\/Gx++0j0z6StSeN0EJz150jaHG6WV4HUqaWTb8="}
01544{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":443,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":35,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":4,"flow_first_seen":1646495650748124,"flow_src_last_pkt_time":1646495650768482,"flow_dst_last_pkt_time":1646495650804336,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":3926,"midstream":0,"thread_ts_usec":1646495650804336,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"52.113.194.132","src_port":57878,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Microsoft365","proto_id":"91.219","proto_by_ip":"Teams","proto_by_ip_id":250,"encrypted":1,"breed":"Acceptable","category_id":15,"category":"Collaborative","hostname":"teams.office.com","domainame":"teams.office.com","tls": {"version":"TLSv1.2","server_names":"teams.office.com","ja3s":"104071bf77c5f0d7bae5f17542ba9428","ja4":"t13d1516h2_8daaf6152771_e5627efa2ab1","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","issuerDN":"C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS CA 01","subjectDN":"CN=teams.office.com","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2","fingerprint":"27:20:65:85:4C:34:BF:09:F0:25:56:B8:50:A7:4D:38:8C:45:82:80","blocks":0}}}
00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":446,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":36,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646495669804673,"flow_src_last_pkt_time":1646495669804673,"flow_dst_last_pkt_time":1646495669804673,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495669804673,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"108.138.185.106","src_port":33664,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":446,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":36,"flow_packet_id":1,"flow_src_last_pkt_time":1646495669804673,"flow_dst_last_pkt_time":1646495669804673,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646495669804673,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8GxZAAEAGN4nAqAGAbIq5aoOAAbvmWe+jAAAAAKAC+vCvxQAAAgQFtAQCCAqEU9WfAAAAAAEDAwc="}
00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":447,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":36,"flow_packet_id":2,"flow_src_last_pkt_time":1646495669804673,"flow_dst_last_pkt_time":1646495669812499,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646495669812499,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8yYIAAPcGEhxsirlqwKgBgAG7g4CERzW35lnvpKAS\/\/\/nPAAAAgQFoAQCCArIqUDThFPVnwEDAwg="}
01240{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":448,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":36,"flow_packet_id":3,"flow_src_last_pkt_time":1646495669817020,"flow_dst_last_pkt_time":1646495669812499,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1646495669817020,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI5GxhAAEAGNYrAqAGAbIq5aoOAAbvmWe+khEc1uIAYAfZdLwAAAQEICoRT1avIqUDTFgMBAgABAAH8AwN96ffJWUDTazcjPKRqPmlOCDA7EP6e0q+5Knlqzgn4siDXwLeA2RnsV46x7ZH7OaLw+Chjc3EP4ZBJc+xWJC0l1wAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAAXABUAABJ3d3cucHJpbWV2aWRlby5jb20AFwAA\/wEAAQAACgAOAAwAHQAXABgAGQEAAQEACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAACIACgAIBAMFAwYDAgMAMwBrAGkAHQAgGExhTuOW51jqeKeMnZIkirN5TNVDUu2atdTJKyWyDBgAFwBBBNa6zHPDKyGGZ8TLrmG8xe75hAb+vBq5zYOy2EFwzMFPukEZchYJ5onOljVZmDEEihxmPvbweI2eyfjNpyF4jCAAKwAFBAMEAwMADQAYABYEAwUDBgMIBAgFCAYEAQUBBgECAwIBAC0AAgEBABwAAkABABUAhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01232{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":448,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":36,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646495669804673,"flow_src_last_pkt_time":1646495669817020,"flow_dst_last_pkt_time":1646495669812499,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495669817020,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"108.138.185.106","src_port":33664,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.AmazonVideo","proto_id":"91.240","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":26,"category":"Video","hostname":"www.primevideo.com","domainame":"www.primevideo.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02485{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":449,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":36,"flow_packet_id":4,"flow_src_last_pkt_time":1646495669817020,"flow_dst_last_pkt_time":1646495669824646,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1494,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1494,"pkt_l4_len":1460,"thread_ts_usec":1646495669824646,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXIyYUAAPcGDI1sirlqwKgBgAG7g4CERzW45lnxqYAQAQXOcgAAAQEICsipQOCEU9WrFgMDAHoCAAB2AwPjGPqRWOOZxoE8Is66m3RbsRkzGxkAVyndH8vLKDSFwiDXwLeA2RnsV46x7ZH7OaLw+Chjc3EP4ZBJc+xWJC0l1xMBAAAuACsAAgMEADMAJAAdACDISjE6jXcvj9RkZAQbID3cTd8KiX3I6r8KlMDUfzpPOBQDAwABARcDAwAkpXCZp7P2SmWlib1QnzplpoJ0swWQp1U5VYR06dN6UDtp8KXMFwMDFUWkGP2MGe3FAwGKBhFw\/Jol1Cslq4CaNEUF4psGqChmXnyKIxZ9bGet7KJMQSMSmVps\/wJ78uDP0zpsjLU+9DI0yiZeroYWeNtF4WO6IC6m6KH2ZqyZGg6mBln66ppe8Q2K7bAz3F3AA0XuUIubsbaI6Ob5xMmHyRR3u+t8nkVOk+CjcvdxoDy\/sANcJlvygrPr74Oeo5vNVLlWCTGqYVU6QlfZqQJ3QnY\/xE+ojgaWujmoQqETzZevsrLUPdnqUxHUs9e9cpjzkB6+5Q2VLYqW1wxAUEKvTKDhKq1YG4fKYU2iyvJxlHYWk\/uPHeEgmu98EKFLLBYv6ZqAisqpbnEbRU06WqOVb2Mx0jHGuZJaJsUhl9BBdifJPOyt4jzzvvflym+nG\/f5RsoekLx4I3eqlIfqYzVKnwepYJmTYDVWJJzV6kf6xt0WtCxQRgyClopmVxjByYUgRrzZhpkr4haP\/bisqUAXy0DS10EmVGcuT\/\/BlEnHqtm9b70DinljQu4e7LsuvkmJDqIj+eqlL9K8TLQN3XWrNefrwxAUM67y7WmtUYR1HskcrIsb9cLZNbZa11tXGjPtIx47b1SrhPyFPwQYKhpLs4B6ZOjI26Mb52wtP7MByGLSreL9dCImwZXH1g8dMYIgAzodAkCs0y+UfpADrwvK5Na3F86\/LC3Yxx8TqI7tDwYP\/noxruaJ3Z0e4d5osqflvLnkjykiJYvAp0iwD6RXLDcg5QbBZC0omKLL2eeCegLL3z3xcxzLXLCElnvdWSTEdX2KM\/6xU\/fcSCXjw1UW60R\/+PcNGh6JnpG6L9fHdTOpY0ZCYTMjtwuGtdJxyamzcgfBlX3hwkJNjJSOR5Sz1W6nUFSbNl\/Nvt1GCViAIBmX0aHSd4QX3NFyYH8nRt4QW7y66WRNjQvXholMEcwljQRtRINDG+tTs+X\/N+\/4MaSm9avp3D2q5M72pWibbtr1p4kJvt\/49cGAOSxbbSR9VtW3JAk3uEFtpton9E9dVfF3XswDIfWyBMpQGIyRU2I7ikBzEeqptwmaI3LVSw\/tsaTNEmWypf846ELIWpxhVRxr4N5NcdDBI7pck\/uB3RYMLbAVRZRY13iUzKkqXqCqGrUmV9d9MrkFXI\/WaIrItdGX0TpRiVcSbmMlgipUjXB5Wpendqsxsm37vdc3Yaq+4CAP+vO8mZ+UUwAjRe4DvJzB5rUaUUGDIQlPLn7p7aS3odLZbgqmos7VNwyBEJTuqtC800r1GZq6B\/tnBme0\/v2BpkbWSRuM5m6WQKlPAG\/zOtbk\/ZVj\/Z7JNeDlzl29F3gOXMq0dp1Ik5040UJDvF6XCIN3i+22Q83JDnLeKVV+bUwHCj+33x\/hGx2vBPyng1TfhKUB9ypvsJnPEZOebIumH3VFPlRvc63pYo\/j2e\/xOlyXd4apuGMcj7LHNuU37mTvGgT2RMTztUOVJC0MEFgzWfSfGaR\/AOOtS\/5Rh5Tfa1v4ADdqzkpGWw1fTB8N5+nCcqq8lX6x7ZVw1lpibzaWDePIBIen5U+z5Ta5n70bzX14q4OTZS9LhwJinWbq1uUJC3Qxax+Tgs4QTr1SpjCOf1htCHr0iEf5yrvqfXrbCg5+Qtiny27tDzWoYEp4+vN8D2fPj52oz9fDwK6Id2cOhs9frfcJuQjW"}
01277{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":449,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":36,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646495669804673,"flow_src_last_pkt_time":1646495669817020,"flow_dst_last_pkt_time":1646495669824646,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1428,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1428,"midstream":0,"thread_ts_usec":1646495669824646,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"108.138.185.106","src_port":33664,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.AmazonVideo","proto_id":"91.240","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":26,"category":"Video","hostname":"www.primevideo.com","domainame":"www.primevideo.com","tls": {"version":"TLSv1.3","ja3s":"f4febc55ea12b31ae17cfb7e614afda8","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":450,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":37,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646495697787579,"flow_src_last_pkt_time":1646495697787579,"flow_dst_last_pkt_time":1646495697787579,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495697787579,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"142.250.185.142","src_port":56458,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":450,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":37,"flow_packet_id":1,"flow_src_last_pkt_time":1646495697787579,"flow_dst_last_pkt_time":1646495697787579,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646495697787579,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8TvVAAEAG4RXAqAGAjvq5jtyKAbuisGnHAAAAAKAC+vDU+wAAAgQFtAQCCAq56si5AAAAAAEDAwc="}
00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":451,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":37,"flow_packet_id":2,"flow_src_last_pkt_time":1646495697787579,"flow_dst_last_pkt_time":1646495697803322,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646495697803322,"pkt":"PKn0qB\/spJGxgjQ5CABFgAA8kPwAAHIGrI6O+rmOwKgBgAG73IpV9E4KorBpyKAS\/\/903wAAAgQFlgQCCAoX\/J8euerIuQEDAwg="}
01244{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":452,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":37,"flow_packet_id":3,"flow_src_last_pkt_time":1646495697805649,"flow_dst_last_pkt_time":1646495697803322,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1646495697805649,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI5TvdAAEAG3xbAqAGAjvq5jtyKAbuisGnIVfROC4AYAfb\/+QAAAQEICrnqyMsX\/J8eFgMBAgABAAH8AwMm2R5Ju93q7BO1hUBCbI67+PD2u7\/isSvjCgLKpqok\/yCAWXfAe1hCLkH2e7v9afeyqpqQSwrsncirtbeBJ9H19AAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAAVABMAABBkcml2ZS5nb29nbGUuY29tABcAAP8BAAEAAAoADgAMAB0AFwAYABkBAAEBAAsAAgEAACMAAAAQAA4ADAJoMghodHRwLzEuMQAFAAUBAAAAAAAiAAoACAQDBQMGAwIDADMAawBpAB0AIN3ozE7d4X5ID5WvLeFvcVfA+y6MygI54w6MzPaYwOcyABcAQQTFpbayzL1z3QPN8cTTIDg5o4CXfe8\/xuT5UCf9QOlCuSljPogKq5ahl7f7neEgUhdrgF5Z8PWW8a+71cG5NS4HACsABQQDBAMDAA0AGAAWBAMFAwYDCAQIBQgGBAEFAQYBAgMCAQAtAAIBAQAcAAJAAQAVAIYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01232{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":452,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":37,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646495697787579,"flow_src_last_pkt_time":1646495697805649,"flow_dst_last_pkt_time":1646495697803322,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495697805649,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"142.250.185.142","src_port":56458,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.GoogleDrive","proto_id":"91.217","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud","hostname":"drive.google.com","domainame":"drive.google.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02471{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":453,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":37,"flow_packet_id":4,"flow_src_last_pkt_time":1646495697805649,"flow_dst_last_pkt_time":1646495697827917,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1484,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1484,"pkt_l4_len":1450,"thread_ts_usec":1646495697827917,"pkt":"PKn0qB\/spJGxgjQ5CABFgAW+kQcAAHIGpwGO+rmOwKgBgAG73IpV9E4LorBrzYAQAQWmwAAAAQEIChf8nze56sjLFgMDAHoCAAB2AwMjBkMjuNSjuFf3T5UB4VQShW2RMJb6nEg6tFPsfNt4uSCAWXfAe1hCLkH2e7v9afeyqpqQSwrsncirtbeBJ9H19BMBAAAuADMAJAAdACBW7hcDghrrfOVqTYuuWsn+BUfEe81z8jRNsz6xFFKMRAArAAIDBBQDAwABARcDAxmG\/7x64IjG8oCepCcFONQfGHK7iGU+HQXLn33iJXlMlTVn0vqqiiz5vBS9ksLT4+EgsUpCjVec8m69tQXQb3Ymxs3kx7EpvP5amsscWBKZ+hAM+Vh9sCac13DkAH1CeGITrgIL2hAxobwm8ZMuzGkvSZgs3oFQxZ35\/jMeFpmZhK9Zd2FIvlVKkVNJt\/y\/ztdvUdS6zLlMqS+Xhpt\/P5PPVJGfAL5qA+hP6Rpyon52yHeceX32Qj1Vjzsqep\/IohLCYcTFolUanyUQ4S0KIY9+Urws43ojewBs1EpDLPj5ZCjh7jHRYaviyTUzBQEX2RoBovRPdCeD54V1P8811Trd6DAWBj\/ba48R0nfal0t2k787IJrKPCQHAXpu85a8jROv7CrVcgbPySrgeuXku80G3YIJTVRkk0+NMtMoyKC2jszgv74QXr3LT\/WSrx0y6+V9hHR3EYzG53YVhNqSE6VuO8A5llGKWNGuSL53Tb0tH2\/K5mvnUr0EQCKaKNYtQ+SDLDCoGNWaNNcLmfVyF4knjKLuab4CxjML8qWpKEnt3K\/KEQigYRsL0GO7bFq4IbuP33F98NgygV0puYYQy7TgHs8fLvCn5yg2WUb\/+LWtGNLGIYQdhszTiyotBbKSuRttV4DpI6lMToRKQnATVw8CbmDk\/jowdZW0W1or64L9L3ZxCicGKZV++AxOtXEVOetaHMClQLhvQhTxxIXd8r4BZfGaog\/\/rLT63URpSxtxctPI+sttfSkc4jvfKYgQMDkQ7PBY9vrGRWFNfnRcn\/Q0x7IMAPIQzFoRuLPAsQlmWp\/L90HztCWVRCByGxYHWokBVfWyKVVzMbHLtb1bfuWymzxEIqUqpFNaWfjhhnLYXiWjGAaD1L7jwQ\/IzvEECGZ6phyR2oJPMN7U0UGSWiTGxGT4MlJLNXhyLh25dviSl5FS+OqZWw4vxBCCI1xR3hW1mNXYYvMcTC1sTGmYCDOPxaV8I5jCb6APNAOtXVdRQxkr+fiFa8IhfmoDLv51qYlbR\/\/AVItwte0HAf57K2Jp30u3e22SNpmFbIHlqcQvCTePEZdlwfwk6BSymdFNzDJbc51ukjo8wA\/2Mm8c03+5QV4SzOhcq1x6aVzdpIAsSzRVL2ho0KlQFP29TcOaCgoazFw2QiR8Z530XVtBwmGM1P3+OZ6+PMJbpTB4DqeEIOHSyB8KDfY6n5Sw\/HP32c3eYMwhE5NOgCK\/aMzPWExBPsI3rHroWyi3T1\/ZhDzfglJ+3BaRXbFuwCSB3LvNE0MXL02sof+8eO1JwOvDFoauJOSiK7G8ri+3FnVavKXkFqm5jMt1+JJZ63z+R8vfBgpWHI5v6ksxs44ocJ2+TVsu3LXX3brnkLCB++P4jdI8izaiOBcCo2XpT4SUxWWs1OlbvNzZvsnRBb4OwMnw8Kmt+amOOo9KZ4dx8X5eqc6ishhDFKcJNMOkWgC5lCad\/YJnjmLO0ceD6lzKIiAkYgDtlZvU2KGjfLQ0zKuFZftqH05cBvAGBnyHvlNFqK5khZiB3RVSUB84J\/8gevzR+bNmGoHhxEQTLpdSBgHGIl8vGg+MQbc6duds71bbqci58\/krKTk6Dsblu1\/\/l0EEiwYqw+8pAZ\/aOpB5cbyd1rJ1Hu6PT7okAWEnT8A6aGOBJ7t33KjpYPBzXrzfhGiAieFwEidjAZTzrXcJGyq58d0aDBM="}
01277{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":453,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":37,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646495697787579,"flow_src_last_pkt_time":1646495697805649,"flow_dst_last_pkt_time":1646495697827917,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1418,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1418,"midstream":0,"thread_ts_usec":1646495697827917,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"142.250.185.142","src_port":56458,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.GoogleDrive","proto_id":"91.217","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud","hostname":"drive.google.com","domainame":"drive.google.com","tls": {"version":"TLSv1.3","ja3s":"eb1d94daa7e0344597e756a1fb6e7054","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":454,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646495710343950,"flow_src_last_pkt_time":1646495710343950,"flow_dst_last_pkt_time":1646495710343950,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495710343950,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.81.118.91","src_port":33102,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":454,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":38,"flow_packet_id":1,"flow_src_last_pkt_time":1646495710343950,"flow_dst_last_pkt_time":1646495710343950,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646495710343950,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8tchAAEAGPx\/AqAGADVF2W4FOAbtTwyfkAAAAAKAC+vBryAAAAgQFtAQCCAom4HXhAAAAAAEDAwc="}
00547{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":455,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":38,"flow_packet_id":2,"flow_src_last_pkt_time":1646495710343950,"flow_dst_last_pkt_time":1646495710376199,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1646495710376199,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA0mxFAAG4GK94NUXZbwKgBgAG7gU7a1m2vU8Mn5YAS\/\/\/iBwAAAgQFoAEDAwgBAQQC"}
01226{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":456,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":38,"flow_packet_id":3,"flow_src_last_pkt_time":1646495710381269,"flow_dst_last_pkt_time":1646495710376199,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":571,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":571,"pkt_l4_len":537,"thread_ts_usec":1646495710381269,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAIttcpAAEAGPSzAqAGADVF2W4FOAbtTwyfl2tZtsFAYAfZlCgAAFgMBAgABAAH8AwMcPgJU1zrnl+hPKuEgTOmCA8DSxG0x4ZP+nrnS1ukwmSB2tLYK4RsCmYHQ+tv7RzCytXVHC3ipih0buXJEGgMzzAAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAARAA8AAAxvbmVkcml2ZS5jb20AFwAA\/wEAAQAACgAOAAwAHQAXABgAGQEAAQEACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAACIACgAIBAMFAwYDAgMAMwBrAGkAHQAgkhEItWzjEiug\/WBaiPCJVLwOMCFSobcq6gZ3ZM5d7hUAFwBBBKUDUTjCPdZ8Ll1S+z857hqnZsJZ3Vatea3adXIfU3XxBdTrso0nY7PLm8teDMagz\/bdRE3yXoqXxIphrdW4ROsAKwAFBAMEAwMADQAYABYEAwUDBgMIBAgFCAYEAQUBBgECAwIBAC0AAgEBABwAAkABABUAigAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01195{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":456,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646495710343950,"flow_src_last_pkt_time":1646495710381269,"flow_dst_last_pkt_time":1646495710376199,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495710381269,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.81.118.91","src_port":33102,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Azure","proto_by_ip_id":276,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"onedrive.com","domainame":"onedrive.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02490{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":457,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":38,"flow_packet_id":4,"flow_src_last_pkt_time":1646495710381269,"flow_dst_last_pkt_time":1646495710415097,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646495710415097,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcmxJAAG4GJjUNUXZbwKgBgAG7gU7a1m2wU8Mp6lAQCANgpgAAFgMDFsoCAABeAwNiI4feoEoKP3I3CdJ4sDFO3BuDpC7rFmqWm4QRfpSjJiBNIgAAst+U8DPkQWm2nccVUJ2TFGizMiUJjRRWvVyIpsAwAAAWAAUAAAAQAAUAAwJoMgAXAAD\/AQABAAsADh0ADhoACLYwggiyMIIGmqADAgECAhMSABY7tDvBQMLQD1gyAAAAFju0MA0GCSqGSIb3DQEBCwUAME8xCzAJBgNVBAYTAlVTMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xIDAeBgNVBAMTF01pY3Jvc29mdCBSU0EgVExTIENBIDAxMB4XDTIxMDgxMzA3MzgyNFoXDTIyMDgxMzA3MzgyNFowFzEVMBMGA1UEAxMMb25lZHJpdmUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6M4TKEOtsydwK0gk2Qpndywdv7K655kZl9DpvHQTqbG8+JTigP54mQxQhhYqGvUSIhxm7+arTn3RClb23KP0YST09bIy5PgvMoRXvCmydw9wkIqYfHMW\/kHNZNOBME7WKwNFun5jY\/cMdmRjsCLJxAO7QOiEpDcM5646BmpHG6jxjLCWSEcWvnO5AZAkMyyQBLnDYdzNSQMzdA2ym4ljwMrig2l8bjVVOJYJjrbeTefNEzUuAf0k3mEAw82zuJaFt\/6pnqhQQe\/lR81NVZ4bRNNgT33UOYPc+ekWUhxn6hIx0BkPkk8WlxF9MiPq\/qpQ74qgOKxDcu22TwCeK4vKwQIDAQABo4IEvTCCBLkwggF8BgorBgEEAdZ5AgQCBIIBbASCAWgBZgB2ACl5vvCeOTkh8FZzn2Old+W+V32cYAr4+U1dJlwlXceEAAABez571FgAAAQDAEcwRQIgFyHEiUTiORwDnx+eNf+yDJ0BuJSaT36p1neAXJK61O4CIQDQWABqwY8NAOIICxniHASKuKeYdAQ8QfySGjqwBnE9FQB1AEHIyrHfIkZKEMahOglCh15OMYsbA+vrS8do8JBilgb2AAABez571GEAAAQDAEYwRAIgfNnYzNPNG4iOz0lGcHtb6Nv3g0g8lXttIxegSBOM4AwCIDsR6e9UV1Wij7UZAv4lBJFc9vjkAobhEO1zJUB1cWXPAHUAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwAAAF7PnvVFwAABAMARjBEAiBw84G3c+x82YV7tJ21NlE3onfX6p2I0OMcLwYCWLVbgwIgNwWmsGEsKlUIH3+g5ZaBfhSgtJ0lIqkQyJe3Mg1gkEYwJwYJKwYBBAGCNxUKBBowGDAKBggrBgEFBQcDATAKBggrBgEFBQcDAjA+BgkrBgEEAYI3FQcEMTAvBicrBgEEAYI3FQiH2oZ1g+7ZAYLJhRuBtZ5hhfTrYIFdhYaOQYfCmFACAWQCAScwgYcGCCsGAQUFBwEBBHsweTBTBggrBgEFBQcwAoZHaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvTWljcm9zb2Z0JTIwUlNBJTIwVExTJTIwQ0ElMjAwMS5jcnQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLm1zb2NzcC5jb20wHQYDVR0OBBYEFOsHNlp\/A4ATvAS2MVxy2vuUB2DTMA4GA1UdDwEB\/wQEAwIEsDCByAYDVR0RBIHAMIG9ggxvbmVkcml2ZS5jb22CCHAuc2Z4Lm1zggoqLmxpdmUuY29tggoqLmxpdmUubmV0ghMqLnNreWRyaXZlLmxpdmUuY29tghMqLm9uZWRyaXZlLmxpdmUuY29tgg4qLm9uZWRyaXZlLmNvbYILZC5zZngtZGYubXOCDyoub2R3ZWJiLnN2Yy5tc4IPKi5vZHdlYnAuc3ZjLm1zghAqLm9kd2ViZGYuc3ZjLm0="}
02503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":458,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":38,"flow_packet_id":5,"flow_src_last_pkt_time":1646495710381269,"flow_dst_last_pkt_time":1646495710415142,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646495710415142,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcmxNAAG4GJjQNUXZbwKgBgAG7gU7a1nNkU8Mp6lAQCAMrkwAAc4IQKi5vZHdlYnBsLnN2Yy5tczCBsAYDVR0fBIGoMIGlMIGioIGfoIGchk1odHRwOi8vbXNjcmwubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL2NybC9NaWNyb3NvZnQlMjBSU0ElMjBUTFMlMjBDQSUyMDAxLmNybIZLaHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3JsL01pY3Jvc29mdCUyMFJTQSUyMFRMUyUyMENBJTIwMDEuY3JsMFcGA1UdIARQME4wQgYJKwYBBAGCNyoBMDUwMwYIKwYBBQUHAgEWJ2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL2NwczAIBgZngQwBAgEwHwYDVR0jBBgwFoAUtXYMMBHOx5JCTUzHXCzIqQzoC2QwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4ICAQCGkp\/5A4unIobaSLCqv0EROk6dP9NJO2qAhEzd3EaZ88LNPL0rrRdDFh837d9padYUl6afpISt\/vf8r5JfY7p2NAIXyfpXmMabjzoy2ShFI5Nz1W\/TL775BwVv9dU5mKxhAryZjwNrTWKkzGlf5cjC9Q+1S\/J6fIgJP1mZlNwFKK1hEx4QE\/GOIPBIQfmVgo8KU7aLaAQpHYmm+TVt5cUKiL+1yq5simdJUvrf6tmOM8GyRBNKutRns7sTD+IBkZLy08a\/u7Pb2+hDQEyRhUkjF4ZpweAtZbPw+NGbjrX3ar3mpjZyQcniQirFXXRuTwF8jmJGfE76WSCwyTm1g3pPgTWqQ2vG4QUKCyvCOvV6NN4rdSg1Mj\/Jng3IaMRvvkbFLNeCKnhY43lVqccHmqmFzwMKHJhxN7+mP2oEUbffAxfbyCe3\/6w2ZvTOOKdM5yQ2ydLMm4msRs6iiRXAX46nbCQiSxn3fZ2uWIclcKejfYQSROa3\/9hwWlJnwdIbT2klSXuHr6xJBd3dygrgUH3ap5fPgNrbKkigSTpL8QyxHfvr+uHMk8pKEK9IP5KzHI9WWuFZlVjk7VE83V508LXHk75wGT0p+c5whz2r17pahA+6qY7VVCMkSURcm6RCgI2hL6qL51F2fXfWSUkxuM0jrCVWAsDhqqjUGXESEUpbpQAFXjCCBVowggRCoAMCAQICEA8Ull8gIGmZT9XHrHiJQeIwDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9yZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVyVHJ1c3QgUm9vdDAeFw0yMDA3MjEyMzAwMDBaFw0yNDEwMDgwNzAwMDBaME8xCzAJBgNVBAYTAlVTMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xIDAeBgNVBAMTF01pY3Jvc29mdCBSU0EgVExTIENBIDAxMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqmJ3z5pjsgaE85A29JnzFFGr6pUKO0YG\/RFBH\/5bBljJOG4I\/E9ESM06pPe9HqLilbi+USDFv7JwY114DEPAKc1kSQmW2q\/O\/QVfKyqR6AFuLhibLJzQAX9p9e4\/U4hcugVsviIVZxSC8izSvltjN8yvYIXolmtrgAiobr4AnGuVcPzkGBKxHRuywRMxZzM05iXJYltYgnV28v7yPzsW36pCg+MybZuOQybwvQ4foac6ryzIiubqP\/ml0iWPkqoaCBKc\/qxKx8PrgJSrhxbRI0nnpLvHkd\/meTQ\/QUqnOibS6m9G4zhz5uXUka4LeJ54pe+W43PY95Vl6QW\/T1z\/Uqf5zwivp00JmcBxo1J6pTvXmwFUA+O2YrBaJ5wwJo62TVY="}
01674{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":460,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":5,"flow_first_seen":1646495710343950,"flow_src_last_pkt_time":1646495710381269,"flow_dst_last_pkt_time":1646495710415159,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":5839,"midstream":0,"thread_ts_usec":1646495710415159,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.81.118.91","src_port":33102,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.MS_OneDrive","proto_id":"91.221","proto_by_ip":"Azure","proto_by_ip_id":276,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud","hostname":"onedrive.com","domainame":"onedrive.com","tls": {"version":"TLSv1.2","server_names":"onedrive.com,p.sfx.ms,*.live.com,*.live.net,*.skydrive.live.com,*.onedrive.live.com,*.onedrive.com,d.sfx-df.ms,*.odwebb.svc.ms,*.odwebp.svc.ms,*.odwebdf.svc.ms,*.odwebpl.svc.ms","ja3s":"67bfe5d15ae567fb35fd7837f0116eec","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","issuerDN":"C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS CA 01","subjectDN":"CN=onedrive.com","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"TLSv1.3,TLSv1.2","fingerprint":"50:2F:33:10:92:AC:27:7B:17:BE:82:68:3B:E2:29:AD:97:41:B7:BB","blocks":0}}}
00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":463,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646495710534404,"flow_src_last_pkt_time":1646495710534404,"flow_dst_last_pkt_time":1646495710534404,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495710534404,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.107.42.13","src_port":56836,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":463,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":39,"flow_packet_id":1,"flow_src_last_pkt_time":1646495710534404,"flow_dst_last_pkt_time":1646495710534404,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646495710534404,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8CqVAAEAGNnfAqAGADWsqDd4EAbvOscftAAAAAKAC+vD21AAAAgQFtAQCCArXIg8YAAAAAAEDAwc="}
00546{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":464,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":39,"flow_packet_id":2,"flow_src_last_pkt_time":1646495710534404,"flow_dst_last_pkt_time":1646495710555642,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1646495710555642,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA0VKNAAHUGt4ANayoNwKgBgAG73gT+RZAmzrHH7oAS\/\/9wpwAAAgQFoAEDAwgBAQQC"}
01227{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":465,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":39,"flow_packet_id":3,"flow_src_last_pkt_time":1646495710557378,"flow_dst_last_pkt_time":1646495710555642,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":571,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":571,"pkt_l4_len":537,"thread_ts_usec":1646495710557378,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAItCqdAAEAGNITAqAGADWsqDd4EAbvOscfu\/kWQJ1AYAfaM8QAAFgMBAgABAAH8AwNoOd\/HU8dseMv53a0gjDg57feHmv3ZKYt3PSUCEOAz7yDC+9qh9Lsnn2pjQO0NmdEK9+51DwzlDpkQTXJ0hGSXhgAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAAWABQAABFvbmVkcml2ZS5saXZlLmNvbQAXAAD\/AQABAAAKAA4ADAAdABcAGAAZAQABAQALAAIBAAAjAAAAEAAOAAwCaDIIaHR0cC8xLjEABQAFAQAAAAAAIgAKAAgEAwUDBgMCAwAzAGsAaQAdACAI7FYCMeLngdMxbkPLy3IoQelSFCsyCvetq1oFf6z+UQAXAEEEWlI8xcTn+Mao6N7i2Le6X1KJI9pYZKIE\/2dqJMzsIrHC0C7HZlpYDP5BCM3Qrb983QL8azL17uscE+MtJARpvAArAAUEAwQDAwANABgAFgQDBQMGAwgECAUIBgQBBQEGAQIDAgEALQACAQEAHAACQAEAFQCFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01205{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":465,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646495710534404,"flow_src_last_pkt_time":1646495710557378,"flow_dst_last_pkt_time":1646495710555642,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495710557378,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.107.42.13","src_port":56836,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Azure","proto_by_ip_id":276,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"onedrive.live.com","domainame":"onedrive.live.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02499{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":466,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":39,"flow_packet_id":4,"flow_src_last_pkt_time":1646495710557378,"flow_dst_last_pkt_time":1646495710577506,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646495710577506,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcVKVAAHYGsNYNayoNwKgBgAG73gT+RZAnzrHJ81AQCAMfFwAAFgMDFs8CAABiAwNiI4felTmEG8xpkapnJZuLa\/s2HG1u+44zHSW4IrV27yB5PAAAf3fmivAcjmvMkcxXn29cxFgr9j4j+aMPxItMfMAwAAAaAAUAAAAjAAAAEAAFAAMCaDIAFwAA\/wEAAQALAA4eAA4bAAi3MIIIszCCBpugAwIBAgITfwAihO16gpMe82GhXwAAACKE7TANBgkqhkiG9w0BAQsFADBPMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSAwHgYDVQQDExdNaWNyb3NvZnQgUlNBIFRMUyBDQSAwMjAeFw0yMjAyMDEwMDEzMTVaFw0yMzAyMDEwMDEzMTVaMBcxFTATBgNVBAMTDG9uZWRyaXZlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKoAmzA76zsofw7+fOUR6E1VJOItV6B42OhVLaXLBUkB\/DhNSK9Xwb8QSOHAEGpQdy0kvP28+zPgkBPPhQTf+93f+EYRB7Xu5P+bRtuYUIL+cpzvSLYELShoz3SJ+CQy3BOKLsqEraQ4EfPsNYX3QjrARzFGSDp9fY2bJbj3\/0e\/W0WvqafYuWX33WHzTqGCDleTqGmDPGLDkX\/IuBmF+BEGK17CvW3rMbqk8TH4lF1T\/ooVMPgBmiwvXSWzM7FXCvDPQOCIOyyrChq41ftB6fq5jbjIM69sKIAiVR+0H3ZYE+\/HYGvl70aEmz+KFIBgM2a79yTdwFZQoK\/uBiFmt30CAwEAAaOCBL4wggS6MIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgDoPtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAX6yqhjBAAAEAwBHMEUCIQCNLiElLMspsZARKBgFdiLnLjTr7bIsBQKjx\/HdJ5i\/AQIgCHv321Kesd0Xv1WzojtEsrdJtvb17s1Ive\/jZojLpNMAdQB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAX6yqhcvAAAEAwBGMEQCIHNSg7SIpma30Bup8euV94y5w51P3\/EPEyajGtKwJfy\/AiBJpNTb1WgAwA86eqbtihKaMYdiPOrEJVXPoDQHoY9mYAB2AK33vvp8\/xDIi509nB4+GGq0Zyldz7EMJMqFhjTr3IKKAAABfrKqGksAAAQDAEcwRQIhAMk79ZnrtAY16juHuToTQfhZwbbD6N+4gUHjJAmOqdOMAiBIvxRBhwrUcc+rkCTZBLoC6PCJzJb3PHlr8AqGFrsG2TAnBgkrBgEEAYI3FQoEGjAYMAoGCCsGAQUFBwMBMAoGCCsGAQUFBwMCMD4GCSsGAQQBgjcVBwQxMC8GJysGAQQBgjcVCIfahnWD7tkBgsmFG4G1nmGF9OtggV2Fho5Bh8KYUAIBZAIBJzCBhwYIKwYBBQUHAQEEezB5MFMGCCsGAQUFBzAChkdodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9NaWNyb3NvZnQlMjBSU0ElMjBUTFMlMjBDQSUyMDAyLmNydDAiBggrBgEFBQcwAYYWaHR0cDovL29jc3AubXNvY3NwLmNvbTAdBgNVHQ4EFgQUa\/En5jNYVPlWNaZtHxS1i+inhGMwDgYDVR0PAQH\/BAQDAgSwMIHIBgNVHREEgcAwgb2CDG9uZWRyaXZlLmNvbYIIcC5zZngubXOCCioubGl2ZS5jb22CCioubGl2ZS5uZXSCEyouc2t5ZHJpdmUubGl2ZS5jb22CEyoub25lZHJpdmUubGl2ZS5jb22CDioub25lZHJpdmUuY29tggtkLnNmeC1kZi5tc4IPKi5vZHdlYmIuc3ZjLm1zgg8qLm9kd2VicC5zdmMubXOCECoub2R3ZWJkZi4="}
02503{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":467,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":39,"flow_packet_id":5,"flow_src_last_pkt_time":1646495710557378,"flow_dst_last_pkt_time":1646495710577547,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646495710577547,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcVKZAAHYGsNUNayoNwKgBgAG73gT+RZXbzrHJ81AQCAPC1wAAc3ZjLm1zghAqLm9kd2VicGwuc3ZjLm1zMIGwBgNVHR8EgagwgaUwgaKggZ+ggZyGTWh0dHA6Ly9tc2NybC5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3JsL01pY3Jvc29mdCUyMFJTQSUyMFRMUyUyMENBJTIwMDIuY3JshktodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9jcmwvTWljcm9zb2Z0JTIwUlNBJTIwVExTJTIwQ0ElMjAwMi5jcmwwVwYDVR0gBFAwTjBCBgkrBgEEAYI3KgEwNTAzBggrBgEFBQcCARYnaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3BzMAgGBmeBDAECATAfBgNVHSMEGDAWgBT\/L3\/hBvQ48y3tJY2Ywv4O9mz8+jAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggIBAMPsJfwqCr1vkmJ6xmjJ4J\/CR0ZN3Mxkos0A3EOeiRumGDDStRW\/V7tBzbpdr01AuMj7xssX78Pp\/J7WpMC+7YxKBWsZz7yFoQ79Gb+N79O\/wp6Ybr\/zyPix402UQF8PueYMQL8Lrs9tQCGUljs+pyBTcshtZeb4zivWV9fju99elwrQIohl3EiWNgRG3Dd3w+nRp0mtGkvJO624DK2U5yBVYFJKEZlB8mAygLF3A5SNVep3MDnfWFE9hZBrnSWdQVwFEFOPI+CbdRZi1+Enep8vd5HjCMu+hjiNZyROz459g3yXGgyaeg\/tl6FxDpwgyeVRV2nDXbXpfxaFDaMkaA4qFR+ar6Zos9Sm7wYAcc2pEihbm04YGGkQwnPo5KTKxcpSaRcik5Q6kzEjJlERhWKLihgYQwblXixQTiDtWoTQvfniIdWPlio5qYxjB3B26k5MZhmdn10RNh2KU0JLiJFZAazSqs26VEXIowPKd1AAYri+U2AwW0jm3zHHaD+\/sScG9chnnQ6qoI+R2qQ2eePaXtQbX7M9VNw\/vimognxXI\/6uLTpOzvnzakE5En2+kVCOMx9RpMpDBtpj\/yt71K2XVcd0jLWilv40K21K+vi6ADQw\/Xj2AhzWQo\/AcF5u8Q5vDyqUKbuKiVPcS++qvLlLILpCOgN2uxcO3HOnNjjdAAVeMIIFWjCCBEKgAwIBAgIQD6dHIsU9iMgPWJ77H51KOjANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTIwMDcyMTIzMDAwMFoXDTI0MTAwODA3MDAwMFowTzELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEgMB4GA1UEAxMXTWljcm9zb2Z0IFJTQSBUTFMgQ0EgMDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQD0wBlZqiokfAYhMdHuEvWBapTj9tFKL+NdsS4pFDi8zJVdKQfR+F039CDXtD9YOnqS7o88+isKcgOeQNTri472mPnn8N3vPCX0bDOEVk+nkZNIBA3zApvGGg\/40Thv78kAlxibMipsKahdbuoHByOB4ZlYotcBhf\/ObUf65kCRfXMRQqOKWkZLkilPPn3zkYM5GHxeI4MNZ1SoKBEoHa2E\/uDwBQVxadY4SRZWFxMd7ARyI4Cz1ik4N2Z6ALD3MfjAgEEDwoknyw9TGvr4PubAZdqU511zNLBoavar2OAVTl0Tddj+RAhbnX1\/zypqk+ifv+d3CgiDa8Mbvo1u2Q8nuUBrKVUmR6EjkV\/dDrIsUaU643v\/Wp\/uE7xLDdg="}
01684{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":470,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":6,"flow_first_seen":1646495710534404,"flow_src_last_pkt_time":1646495710557378,"flow_dst_last_pkt_time":1646495710577591,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":5844,"midstream":0,"thread_ts_usec":1646495710577591,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.107.42.13","src_port":56836,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.MS_OneDrive","proto_id":"91.221","proto_by_ip":"Azure","proto_by_ip_id":276,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud","hostname":"onedrive.live.com","domainame":"onedrive.live.com","tls": {"version":"TLSv1.2","server_names":"onedrive.com,p.sfx.ms,*.live.com,*.live.net,*.skydrive.live.com,*.onedrive.live.com,*.onedrive.com,d.sfx-df.ms,*.odwebb.svc.ms,*.odwebp.svc.ms,*.odwebdf.svc.ms,*.odwebpl.svc.ms","ja3s":"a66ea560599a2f5c89eec8c3a0d69cee","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","issuerDN":"C=US, O=Microsoft Corporation, CN=Microsoft RSA TLS CA 02","subjectDN":"CN=onedrive.com","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"TLSv1.3,TLSv1.2","fingerprint":"77:7F:F2:95:29:A7:E3:CC:0F:BF:2F:BA:2E:6F:2A:38:62:8B:48:4D","blocks":0}}}
00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":473,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":40,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646495749875318,"flow_src_last_pkt_time":1646495749875318,"flow_dst_last_pkt_time":1646495749875318,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495749875318,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"129.226.107.210","src_port":45014,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":473,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":40,"flow_packet_id":1,"flow_src_last_pkt_time":1646495749875318,"flow_dst_last_pkt_time":1646495749875318,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646495749875318,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8bgJAAEAGHN3AqAGAgeJr0q\/WAbvpKcA1AAAAAKAC+vDq5gAAAgQFtAQCCAoyACVaAAAAAAEDAwc="}
00544{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":474,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":40,"flow_packet_id":2,"flow_src_last_pkt_time":1646495749875318,"flow_dst_last_pkt_time":1646495750196617,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1646495750196617,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA0AABAAC8Gm+eB4mvSwKgBgAG7r9bNFCqu6SnANoASOQgzewAAAgQFoAEBBAIBAwMH"}
01229{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":475,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":40,"flow_packet_id":3,"flow_src_last_pkt_time":1646495750202078,"flow_dst_last_pkt_time":1646495750196617,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":571,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":571,"pkt_l4_len":537,"thread_ts_usec":1646495750202078,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAItbgRAAEAGGurAqAGAgeJr0q\/WAbvpKcA2zRQqr1AYAfYZ+QAAFgMBAgABAAH8AwMSMXO4WcNq177CYxST5Cayi57AGXeQdEMNPed0f\/vO+CBsnRDIIeROJeOlCByvk7lr9pRUbeR06Cs4dVzQT0oYEAAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAASABAAAA13d3cuaWZsaXguY29tABcAAP8BAAEAAAoADgAMAB0AFwAYABkBAAEBAAsAAgEAACMAAAAQAA4ADAJoMghodHRwLzEuMQAFAAUBAAAAAAAiAAoACAQDBQMGAwIDADMAawBpAB0AIOmUL4m7jSQuaHGCv6++\/yOU0VJCaPyexIMcIsguXG5nABcAQQTHBHql0\/iCD7AqH7jE0qyA2MF\/+\/iD9HNmfv2msqiXNFGoZilNx52dlYpSngcjMahYCZatuJxecuXUWxhAYPfzACsABQQDBAMDAA0AGAAWBAMFAwYDCAQIBQgGBAEFAQYBAgMCAQAtAAIBAQAcAAJAAQAVAIkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01214{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":475,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":40,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646495749875318,"flow_src_last_pkt_time":1646495750202078,"flow_dst_last_pkt_time":1646495750196617,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495750202078,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"129.226.107.210","src_port":45014,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.IFLIX","proto_id":"91.202","proto_by_ip":"Tencent","proto_by_ip_id":285,"encrypted":1,"breed":"Fun","category_id":26,"category":"Video","hostname":"www.iflix.com","domainame":"www.iflix.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02451{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":476,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":40,"flow_packet_id":4,"flow_src_last_pkt_time":1646495750202078,"flow_dst_last_pkt_time":1646495750523473,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1486,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1486,"pkt_l4_len":1452,"thread_ts_usec":1646495750523473,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXArXpAAC8G6OCB4mvSwKgBgAG7r9bNFCqv6SnCO1AQAHs54wAAFgMDAFQCAABQAwP2T7ylc5TG1Cll2NWDwb2NLqh2ErveSDpZqwGfyrswPADALwAAKP8BAAEAAAAAAAALAAQDAAECACMAAAAQAAsACQhodHRwLzEuMQAXAAAWAwMMwAsADLwADLkAB6cwggejMIIGi6ADAgECAhAEeWT4FvNiG5vHGkF64P6tMA0GCSqGSIb3DQEBCwUAMEwxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJjAkBgNVBAMTHURpZ2lDZXJ0IFNlY3VyZSBTaXRlIENOIENBIEczMB4XDTIyMDExODAwMDAwMFoXDTIzMDExNzIzNTk1OVowgZ4xCzAJBgNVBAYTAkNOMRswGQYDVQQIExJHdWFuZ2RvbmcgUHJvdmluY2UxETAPBgNVBAcTCFNoZW56aGVuMTowOAYDVQQKEzFTaGVuemhlbiBUZW5jZW50IENvbXB1dGVyIFN5c3RlbXMgQ29tcGFueSBMaW1pdGVkMSMwIQYDVQQDExpqYW4xOC0yMDIyLTEuaWFzLmlmbGl4LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAONDo+fCiHHW2gUXMs8YFYNzqvvrSDtEMt5WAC8d02vLqqqHqyV3xKCaOvC+E8M5Gaus3nKGfiYBIWwTf2hKawNqQNOi2cIu0VuNHq9bDO9fyPWNqa\/CM62BlhvviLZXb6MqezX\/t6MAShMwxD91+YJNOzp5ZkF0pQ2JL3DQmwWKCkN4BK9brQk4N3JoQ8qxSHo8Ndqw7G+DqACRETIsVhhlWdRLXYjBuGLDQZCs6MUlN4qydE4+Z+AztAf6iqCt1IAR\/wx\/tfWjQ96p4fRU9527\/a1TzeFI6+LIB1l8d5vLEOuSF1NeJ9mHVluG23V5qQKFlZzJ4O7P4RSsUKwFT98CAwEAAaOCBCwwggQoMB8GA1UdIwQYMBaAFETZyEozjtNSjaeSlGEfmsilt+zLMB0GA1UdDgQWBBQjG+rpEHiaxdYmAmEQBuly8SSjSzCCASUGA1UdEQSCARwwggEYghpqYW4xOC0yMDIyLTEuaWFzLmlmbGl4LmNvbYIQYWNjZXNzLmlmbGl4LmNvbYISYWNjb3VudHMuaWZsaXguY29tghVkZWJ1Z2FjY2Vzcy5pZmxpeC5jb22CD2h3dmlwLmlmbGl4LmNvbYIJaWZsaXguY29tgg5saXZlLmlmbGl4LmNvbYIScGJhY2Nlc3MuaWZsaXguY29tghdwYmRlYnVnYWNjZXNzLmlmbGl4LmNvbYIOdGVzdC5pZmxpeC5jb22CFHRlc3R1cGxvYWQuaWZsaXguY29tggx0di5pZmxpeC5jb22CEHVwbG9hZC5pZmxpeC5jb22CD3ZwbGF5LmlmbGl4LmNvbYINd3d3LmlmbGl4LmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwuZGlnaWNlcnQuY24vRGlnaUNlcnRTZWN1cmVTaXRlQ05DQUczLmNybDA+BgNVHSAENzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMweAYIKwYBBQUHAQEEbDBqMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5kaWdpY2VydC5jbjBDBggrBgEFBQcwAoY3aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY24vRGlnaUNlcnRTZWN1cmVTaXRlQ05DQUczLmNydDAMBgNVHRMBAf8EAjAAMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdwDoPg=="}
01304{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":476,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":40,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646495749875318,"flow_src_last_pkt_time":1646495750202078,"flow_dst_last_pkt_time":1646495750523473,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1432,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1432,"midstream":0,"thread_ts_usec":1646495750523473,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"129.226.107.210","src_port":45014,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.IFLIX","proto_id":"91.202","proto_by_ip":"Tencent","proto_by_ip_id":285,"encrypted":1,"breed":"Fun","category_id":26,"category":"Video","hostname":"www.iflix.com","domainame":"www.iflix.com","tls": {"version":"TLSv1.2","ja3s":"00447ab319e9d94ba2b4c1248e155917","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02461{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":477,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":40,"flow_packet_id":5,"flow_src_last_pkt_time":1646495750202078,"flow_dst_last_pkt_time":1646495750523531,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1486,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1486,"pkt_l4_len":1452,"thread_ts_usec":1646495750523531,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXArXtAAC8G6N+B4mvSwKgBgAG7r9bNFDBH6SnCO1AQAHs1DAAA0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1uAAABfms3jGwAAAQDAEgwRgIhAKLX21ipyY1svglvvO5AM7mYKcgR49pkYsGyAPh\/1vm1AiEAquTKtEZAAkk1tlNBHXFhDTvmhglU3gDrwoVcdb5hVJAAdgA1zxkbv7FsV78PrUxtQsu7ticgJlHqP+Eq76gDwzvWTAAAAX5rN4yHAAAEAwBHMEUCIQCeKg7uyJNLfl0yYAqUyuOb17OrAYVhxKLY\/xNcl7x4IAIgFLq9wZVNj0hGkut95sSniy2MoEb+d+xzXLiu+S6kKh0AdQCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAAAX5rN4yqAAAEAwBGMEQCICpQ\/IXWNNwI9MzQtOvIjKWdv7flSEY764Bai5HB7cb9AiB0Jfo904GAh6C\/R+WXtNG5zNBT8Dt6\/csSLQTZxbtaETANBgkqhkiG9w0BAQsFAAOCAQEA6pwIZ4HmpkwyMmovsoK+mBu9BlOw\/QRO7jwr1Y8RrMePjEWqLh3pbGSElp4kdICW7Lj39N98vmyPhXPeXnKBtLYLAwi5zvPqTwt5EU225yAOMs2JQN12fxyalx\/TPuDT6WryoYhvNszDYS3lRaO+H0KrXSAGEATP2UbGlalWi0Pln22OHcxYdTgEtlEWgUjv2yZ\/GE1F3nCFmpNbCZJ874Asv2hapXYdl+nrpMkoydH3YzyEzXEwnrr6MdbKk7xiVCw4FjJE2FMcSAoHoZskwb5rFjAIu9SHfYyXB2SgoLjcNRJ35Se\/n2rImtRGCEgPE\/PlfLIPrajYkhbC05ySbAAFDDCCBQgwggPwoAMCAQICEAbJNRrm8KxusAb7DCqnMkEwDQYJKoZIhvcNAQELBQAwYTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEgMB4GA1UEAxMXRGlnaUNlcnQgR2xvYmFsIFJvb3QgQ0EwHhcNMjAwMzEzMTIwMDAwWhcNMzAwMzEzMTIwMDAwWjBMMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSYwJAYDVQQDEx1EaWdpQ2VydCBTZWN1cmUgU2l0ZSBDTiBDQSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPBbyx\/M1zj8DKweWRHWlLX7qV1Y9wAyCLfbmm8WZ5pziVXhEeIAQwZrmf+c72rYii6sxNOZcNN670l44lowMBkmUFm8c+KlCMRsTqb8qbFubW73JypDxvb7NrY\/rvikiggjAO\/dnOK66FzgR45UB5fhE\/sZ1nN58aG8O8i9b04RHAZArC4ruAROXhEzMxKZbmeYVU99RCEk5FPi9qqFT6r5drwiypm+IiiWB6RiJtalRkYH+eJMX4UZfaxLuJNq0HlGiYeK+XSs9ctExQcCyADOJ8BlXOtR+UvO+DLdWcOYtpMZ0cpjDYORRbgpEBSK41JRb5Q6ITKATUb27cx0AB0CAwEAAaOCAc8wggHLMB0GA1UdDgQWBBRE2chKM47TUo2nkpRhH5rIpbfsyzAfBgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB\/wQIMAYBAf8CAQAwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5kaWdpY2VydC5jbjBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY3JsLmRpZ2ljZXJ0LmNuL0RpZ2lDZXJ0R2xvYmFsUg=="}
01868{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":478,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":40,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":4,"flow_first_seen":1646495749875318,"flow_src_last_pkt_time":1646495750202078,"flow_dst_last_pkt_time":1646495750523550,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1432,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":3672,"midstream":0,"thread_ts_usec":1646495750523550,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"129.226.107.210","src_port":45014,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.IFLIX","proto_id":"91.202","proto_by_ip":"Tencent","proto_by_ip_id":285,"encrypted":1,"breed":"Fun","category_id":26,"category":"Video","hostname":"www.iflix.com","domainame":"www.iflix.com","tls": {"version":"TLSv1.2","server_names":"jan18-2022-1.ias.iflix.com,access.iflix.com,accounts.iflix.com,debugaccess.iflix.com,hwvip.iflix.com,iflix.com,live.iflix.com,pbaccess.iflix.com,pbdebugaccess.iflix.com,test.iflix.com,testupload.iflix.com,tv.iflix.com,upload.iflix.com,vplay.iflix.com,www.iflix.com","ja3s":"00447ab319e9d94ba2b4c1248e155917","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","issuerDN":"C=US, O=DigiCert Inc, CN=DigiCert Secure Site CN CA G3","subjectDN":"C=CN, ST=Guangdong Province, L=Shenzhen, O=Shenzhen Tencent Computer Systems Company Limited, CN=jan18-2022-1.ias.iflix.com","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","fingerprint":"6F:FD:C1:38:F4:2A:0B:65:51:9C:0E:11:86:63:B5:58:52:FC:96:B0","blocks":0}}}
00786{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":481,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646495785326719,"flow_src_last_pkt_time":1646495785326719,"flow_dst_last_pkt_time":1646495785326719,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1357,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1357,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1357,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495785326719,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"216.58.212.142","src_port":38642,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02347{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":481,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":41,"flow_packet_id":1,"flow_src_last_pkt_time":1646495785326719,"flow_dst_last_pkt_time":1646495785326719,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1399,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1399,"pkt_l4_len":1365,"thread_ts_usec":1646495785326719,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAVpAABAAEARxpLAqAGA2DrUjpbyAbsFVWFvygAAAAEIEaJhA\/pmmGIDGZVnAEJ9k4MXlQzkENByBWBPG6JdLnJ97tZTge\/8kX\/RhzOqc4jakqIni2HiqmCs6hTSmZEhkbOUs3lvKsO9F9+XIhOeXqIykOCxzeDPOvDHVnxP2ftNUD1lroHjevW4+JYs\/R0VPIgtCayG\/meCf7Lef9QhWL6YQmXx48ui2W6tYfyIEiaXDMtExoqL+hacVg2HpNlIwJe4PE0\/HEg3ezCS0HD8j4RVM2gk+MitT95qpQmfRz8ntx5WznfpVZvMxU23bid9\/dO3KP4LRTXApe0VNoqcMS8eAgkUyCgd5nSQ87LPgFqnkCEFratISm41sDhhr7ve32C1I\/TlAIhgBRfW87C3WFDVCBagaYOeonExydEo\/D28evz\/tjH6aV7xu0wNblTQywt3lynmNkuwCW7cnmeQuau6oQOA9GiSOfN51L3rFmCObunfGa2ezZE4y2FjFlEEKO\/QIf2CassSbDJm49YK5w7PoSq58kn\/6qIb0Tn5xVj\/LonVQw1HAkNmcP8ql0C7shrF43UdoYXvT\/hOCOA\/VAd6JiIod3M38vXNHkTBOnLJf9TfjJE64UfVXvq5UqVG0r6WldLJGu2xtNgpeDi11dyXdfvaPJX4DN1wutu28hbCiIktfSp6wZpMBmAyygGuO73TqglRovt2xSE4EHwrJMCD4O2TYEurb9uUa0gMyyJFr9\/L+BwLQIYk52z2VLzFmq3EMYlrlu4r\/zm7z83+qa7ryx2Qegl3wdMjyEciWgqgcac28uJhD3lOGWLmvmFxM9fEY1jJKzrVnaWs\/i+ophLeLFpkmeSef74TmyzGpEZIsuPNpoyrlLRH7YPjpxJQS81Wg3bRzpRPypt93N8AAAABCBGiYQP6ZphiAxmVZ0A7KMwiGjnAKddrCOyv2PDiBRWs1qpECiw2xTVInm4f3DIdG9S3r6Co1Q+QqgROt51vL3O9dOvlXAZmpcYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01248{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":481,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646495785326719,"flow_src_last_pkt_time":1646495785326719,"flow_dst_last_pkt_time":1646495785326719,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1357,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1357,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1357,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495785326719,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"216.58.212.142","src_port":38642,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"QUIC.Google","proto_id":"188.126","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"hangouts.google.com","domainame":"hangouts.google.com","quic": {"quic_version":"V-1","tls": {"version":"TLSv1.3","ja3s":"","ja4":"q13d0315h0_55b375c5d22e_9974e4f6be5b","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h3","tls_supported_versions":"TLSv1.3","blocks":0}}}}
02355{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":482,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":41,"flow_packet_id":2,"flow_src_last_pkt_time":1646495785326719,"flow_dst_last_pkt_time":1646495785351813,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1399,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1399,"pkt_l4_len":1365,"thread_ts_usec":1646495785351813,"pkt":"PKn0qB\/spJGxgjQ5CABFgAVpAABAADMR0xLYOtSOwKgBgAG7lvIFVdbOwgAAAAEDGZVnCBGiYQP6ZphiAEPst9JjIfZ6zFXkACoVjtJE04mEvUBO80J9CXDI1AzGWloBOqzPXI+URdYvHEecgUeYllSRgTGQ\/pdzmzfdkga4V0DlNh9sMthgcZTrWfMiNpOkeHh+8VGEpoSOyr5bTtr6qKEGYg7ZZM+3g8CNri4\/Y4rmU\/u2ucvFt3wUyTEBNlGlntUryhGUoERRNT55NmFJqVuhU\/GueMTfSHsKfOOCMhdksMgHmrVyRumUWVrccMpyqwcE3vpmgCs+uFNthYNXlEj8FMdYAA6FIKpTcrXTgZ3Nm3DRRlDCt76rYa9Ed5zm8JxO+MhvWTGGpqVfgXpQEWyeWMNxG693XFsxTB07PJ3\/YeWP9LrYnM2HgdinrEmJ9dHI16vwi5FQ0cWQJ92cHEvIGKGiq8SA5HEgTnQVmdK2xOmx7dj0KaicL3ol58t8ltkbIXgfkxYhp5yyTHcH3z0UKdCT7GAS6tTRIUS1R7xH75rixlq6B8ZSkGHfajnn6P2ZcdZ\/x0f91Ed0FleO4gdbHHIHetNxBiPPjmSYid1gKObR53SjxAV83g\/W5uVBPG0cabwLojDjBF4yItmMF8ard0uchzKjL7+VPzEBpyA8VAKvlvVbjeonWQ9zdLjCu+3DI5DnZF04lHG772bPMCDbbp1L2TwHKUlogQBjbGpHA7cGqXQ+7rgXzsp8A1LJ4M7UOfhwAhpEZinbjHrtptlKXt3FIxug5QT3rZRFmRCTzNoEN+lueCUbvABz5ahUadsFXVwk+QV6y6OfittlgN9FPzvu2wbXQsdpR7HuGw5be5n5hrjM\/gt9Cn1qYtj8W7tpYyeOF6J2KVyL\/JC\/QJoDFTRmNJOaSu8I9GPipG+PZyHfbkz460Q5SYy9J6Yty8H0OpgvMOxAZyJfdY6HpBJ73a3hMG\/oeLH2XJGbp7tfnJSbIrw7OjnmUjZjC3QFC5ZT\/D9lfLZQtLioZhFU2dvfGzIgp3e6A6JbEE0vFluuvChl2C+0rBUUI4BDQaLDC36yd\/nqeU9YkBNuGMLNwmS1nu9FZU8mcDANqVoY5yVLg2kamNS5X1hNq7e0ZttiC++uqF2vAilhDlKm4Sn9UjPckZuiZBomYpyg0Mx2VTEwtpKds6MA+UAswT6IhWCQVBWewjai+fOWFc9I1PVuJXv6wszew3Hcqcb00f6u5LLpYQLzSeihJuZrVlM1j6lGBHe0EhJ6DL1teURdZuXWHdzyDqDjp983xiqcs411z8ivoxsAQrnJoCWJxd7jZsORlrj+qRu70MzdRwWows6Ir5D2WLnk\/xr5xZXlxc0qq35KzQxuScxBBYPpS5ZzPphWbiD4nd3CHT+adzTjAAAAAQMZlWcIEaJhA\/pmmGJA9VVpI4dKlmrgeF\/YggQi8sjf99E3nv5OtPvRrtZcyuW01yoBM35YdPwOsg50xXr\/BiQRHRmpg5AI\/Gxv40hVq1L2PZoVADVhqqGncF1oScVHTbM9W4m3oXbHay1EHfQ5lAWTWpN49l9Tiv7IrVgj7Dp+73Bh+\/I4be++4+GN0yWQOqn0T+ijD3iAvjW07u4KFggANU2wFU17wsvlJuMqKoty0iSiIcZD1Fpv8YeBupA3Jd5TcFAQxL\/\/amaXv8CyobSjSega7I6w3iSVpXXusfvcoL9IwMGqCbpjl4yujE+\/2nPBKVvs4iEZolT1zqdJU8Q5tR5vWxmVZ56Vkqmz6hVG35AqABKCyEo\/gk\/PneTs58wsy3Z+6AWG31mbKVGDVWKfuUivH9e1GriPy0Y1T2Vi68\/VxrxY\/w=="}
00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":483,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":42,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646495836963393,"flow_src_last_pkt_time":1646495836963393,"flow_dst_last_pkt_time":1646495836963393,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495836963393,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"142.250.185.206","src_port":50608,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":483,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":42,"flow_packet_id":1,"flow_src_last_pkt_time":1646495836963393,"flow_dst_last_pkt_time":1646495836963393,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646495836963393,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8O4hAAEAG9ELAqAGAjvq5zsWwAbtVp40sAAAAAKAC+vA0nQAAAgQFtAQCCApsJfcbAAAAAAEDAwc="}
00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":484,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":42,"flow_packet_id":2,"flow_src_last_pkt_time":1646495836963393,"flow_dst_last_pkt_time":1646495836979425,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646495836979425,"pkt":"PKn0qB\/spJGxgjQ5CABFgAA8r34AAHIGjcyO+rnOwKgBgAG7xbDcn6Z3VaeNLaAS\/\/\/zpwAAAgQFlgQCCApyIEa6bCX3GwEDAwg="}
01242{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":485,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":42,"flow_packet_id":3,"flow_src_last_pkt_time":1646495836983510,"flow_dst_last_pkt_time":1646495836979425,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1646495836983510,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI5O4pAAEAG8kPAqAGAjvq5zsWwAbtVp40t3J+meIAYAfYRowAAAQEICmwl9zByIEa6FgMBAgABAAH8AwOIf7nJ5breQpxi5aty74p4A0tH8s+YhJ7uQwoAchgbeyDiYRrjyIJgoj6ghTCikRuTluEoGumBBaOR1N7eUGiD\/gAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAATABEAAA5nb29nbGVwbHVzLmNvbQAXAAD\/AQABAAAKAA4ADAAdABcAGAAZAQABAQALAAIBAAAjAAAAEAAOAAwCaDIIaHR0cC8xLjEABQAFAQAAAAAAIgAKAAgEAwUDBgMCAwAzAGsAaQAdACBQQOMOQqFJCXmUicpi9d2kYaSiqPqeBjWpdYiUO92OBgAXAEEEwEm0an4CaV7UYrRD1yMS8F4iZzs0QylP5VOKPX+Fji27U1gjEJPJGZS7PVMPfJS0GsqWWRpHV\/lDyKacoCtA0wArAAUEAwQDAwANABgAFgQDBQMGAwgECAUIBgQBBQEGAQIDAgEALQACAQEAHAACQAEAFQCIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01203{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":485,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":42,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646495836963393,"flow_src_last_pkt_time":1646495836983510,"flow_dst_last_pkt_time":1646495836979425,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495836983510,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"142.250.185.206","src_port":50608,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"googleplus.com","domainame":"googleplus.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02472{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":486,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":42,"flow_packet_id":4,"flow_src_last_pkt_time":1646495836983510,"flow_dst_last_pkt_time":1646495837006974,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1484,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1484,"pkt_l4_len":1450,"thread_ts_usec":1646495837006974,"pkt":"PKn0qB\/spJGxgjQ5CABFgAW+r5EAAHIGiDeO+rnOwKgBgAG7xbDcn6Z4VaePMoAQAQXH7AAAAQEICnIgRtdsJfcwFgMDAHoCAAB2AwNlkkH7N5+Ir9t7Opyb1+MestDFqBupGE5Oka0ZxgLPvCDiYRrjyIJgoj6ghTCikRuTluEoGumBBaOR1N7eUGiD\/hMBAAAuADMAJAAdACCbCqXpM0cs9oMHrMo5IBrho8zYaMQu6+VqaTNl+pUiYAArAAIDBBQDAwABARcDAyq0pgoJ\/TFbvECPRikyUqjisy36xEvjPj+06+j8sVI6nq4hlS4tugyWAZAUYNagFfLAmdFzAkBQshygFW0wobzbVDRwv\/EcgdzgLpTGF5Xtr\/SsZD3xrhnAytds29m99JCGwebd9N\/dHGADsfWNCwf4Ou0wp1RkHjrzrB3WYRLS61pDTSQY0gPgEnZ3tIsQYnD3oeI2EXW0dMx2w9lUj\/J6NDYFcXqxosddbzbFZvoEnj7UfcLdjh1PKZTbtzpfZ7DcoLtj6JbnxG53e1BB3s8G1reKAW\/VmYXdX\/cyMmEby9IuXS9yBNHbfs779LPWnOOxXDmDDqs+aLpwZMYCUO5eCBsp7a\/NqRf0deOc621LaWwXAAQ4FxhgVGyUfQjzkNn3Nv1+mDN7MnoHN7aY3em2LGZM2SmvSwNKQGQP3SldtU9XldlH+St4DLYARiiVh9\/6HGc2\/Kxb8Bjdq8OTwB5AVRqBmDFoosixwxCyNl8WscQFjHktWUQPaP1TkMOqL+48JKBYlm5Ojsn3Ke9vY1013ScO4CSc9vumWfg7kmUxkqmUoTfLS+KfNxh+9WwFMDiWDzsizeAGV8\/Jt1H\/ysDcmIkXa9u7BRSRFpjWf+ZA3p6cjDBT+GT+cZhK\/bTGYuhYTeImMvUGbeINkcaXguvJi+XRB7m6ecBQW9Lu4Yt98nejotepfbs8PzH\/ONFwVMg+dzYviggrvkhGYdRAJdm9D2LihlyOhCwfCytphrVjIMOWXGYuI0UnpYBI83SLUwC\/lBVyCt9HQCu42vmEeMryiSqQrvFWIwMrX0c1tzBHdb8ZSNTuNOuEKOKFq+ECBQsjZZrlQP335v+0agpSIJUHRu9GJDMrD+nh4F2z1vlXMYRHqhnuoSFNLLzhJnZxTveh86f4BVB7DxExbuOxGKVmDrAavno4vzY7kgfdd2e72n4JbSDOwEIe+KVB7Fnh5hoHzwoJFQQ1hv75zjodbmsiFYqW5kbucUYcwcrpTgfHTsv5xRzgONrI4tfaqhcc6nQap+p3x\/cfYxC\/79tL6Xxyqy8Yo\/72hZ1agd3wZJgunA9QyqNsmQ8sxzJKxG9OX1vTIu1ePZ4e\/YEUxASKPtbNblj\/Q1kPNuV\/+Fyzwh3JWUzpZNag2bedFdA05PM2MNi+qPggjPX3knSagRsNFQDWcljc5a53eCOIMpkegepf+eeHAq\/lpxG+lKcsmx67BZikkDgHmm0EnERKkIpATBwPqBz2NbMcsfPkvE+zao3e1+zO\/4YJvusEPP1E\/xAyzZ2LRyfTtr0yaqCMeGPcmjyzWDjeGbQz+jAeunZoaVs6td\/eJ\/Wq8dXAhoggPtq\/HfBcyDqHP0VAnIolyBxXvycQpgITXohrB7H7Ke0cVXUyDgDyR2Ml8yl0BNRfEwjJe2cz\/DJpyikxD1uHWbRUCiwa1Wokbe8WYwZrtjccrQbloAS3dSe2s565hhcELcKzNsNNGeE\/YQI8E8rVpi1drUwp1bZFATb5QfpnCqptQtTq8YfvXsE97z1gp3A7Nvvy4X5l3CxumQd6ANYCZBsjA9DZnja3MU97agB+VtGqcsj6toWfRmEa14ji1Ure9D1Ms5HEoV0yYkRZjJQZTsZrwkYfSl1upUl6NNyU2i4wcpeMoHs7a66sHDjaJxXDnCHDf05jK8ysGf4WJVOrNqwrIRbSlFOuDJrltrn0K8e9GQFC3K0="}
01248{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":486,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":42,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646495836963393,"flow_src_last_pkt_time":1646495836983510,"flow_dst_last_pkt_time":1646495837006974,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1418,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1418,"midstream":0,"thread_ts_usec":1646495837006974,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"142.250.185.206","src_port":50608,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"googleplus.com","domainame":"googleplus.com","tls": {"version":"TLSv1.3","ja3s":"eb1d94daa7e0344597e756a1fb6e7054","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00787{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":43,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646495837086190,"flow_src_last_pkt_time":1646495837086190,"flow_dst_last_pkt_time":1646495837086190,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1357,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1357,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1357,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495837086190,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"142.250.181.238","src_port":36832,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02341{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":43,"flow_packet_id":1,"flow_src_last_pkt_time":1646495837086190,"flow_dst_last_pkt_time":1646495837086190,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1399,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1399,"pkt_l4_len":1365,"thread_ts_usec":1646495837086190,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAVpAABAAEARLnPAqAGAjvq17o\/gAbsFVdqKwQAAAAEIGskra7CKZYEDuYLxAEIVFxxqmZ08lCd3LEamnRnTwqMewjQTOXHJ+bQBCnc75qyddTeYHQ3SnzAULSCTOvy9BuronZfx+Rok2NEb\/1BsWpwM7HvouqIbg\/UM9rh+Oz94fTVRKCbJSe1Rt9Wi3IS3cTWhF88qqkbPlVNVfTP6qf147kmXwAclEb200UQEzcAZIv3o++EPu3L79R8FmBpBYJnCKkgaxbqODau1mi\/955te0zmkf2846gwZzwMXzDwbr6\/3HnP3h8OfoVM0MIFN9x7Ds+vGpVKDRpQM0NlvNQfFfblQvgPKr6\/wJHgowwd40oBCNI3FTXFgafKbw2f8iXs1MuIi6dbw5qDMfDg7neN7v6\/vcX4HSf8y6PVeyxCvA4+7q957ap\/3PII07iu47YhDzCD0lwTDjfi\/a1raoLz70\/SPK9NEbeWnxibfZXFeg8+E6Qmd9DFP4zQ2QPKahjqlPM4ZePdB1N+sWTrGnHY+e5VOY4qYOyABuFGeuadAN35ZvnTav7s\/+rzxtiAo1AWyqO5W85hkYntoGdWyMOzcrhaGvKoJNlyQWa3gWJkpY39Z1uzVJ9G3lDdAsC9\/zRJfbRKvAouMAfcWbKNWIPlVEx425CNhqzWnjNjSzKi5ec4e5C4us09IcxcJ6YiARP3HINF5Ycp8CM+O3SAPpWjAj1wgjVCtDNLk+H+lVLgNqHb0nSuRRFGscCZoJV0VpfhM0MYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01241{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":487,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":43,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646495837086190,"flow_src_last_pkt_time":1646495837086190,"flow_dst_last_pkt_time":1646495837086190,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1357,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1357,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1357,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646495837086190,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"142.250.181.238","src_port":36832,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"QUIC.Google","proto_id":"188.126","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"plus.google.com","domainame":"plus.google.com","quic": {"quic_version":"V-1","tls": {"version":"TLSv1.3","ja3s":"","ja4":"q13d0314h0_55b375c5d22e_2d2a40a25571","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h3","tls_supported_versions":"TLSv1.3","blocks":0}}}}
02351{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":488,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":43,"flow_packet_id":2,"flow_src_last_pkt_time":1646495837086190,"flow_dst_last_pkt_time":1646495837102627,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1399,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1399,"pkt_l4_len":1365,"thread_ts_usec":1646495837102627,"pkt":"PKn0qB\/spJGxgjQ5CABFgAVpAABAADMROvOO+rXuwKgBgAG7j+AFVSXtyAAAAAEDuYLxCBrJK2uwimWBAEU4Tznrzq28hb1XmRDs0MFqelTnhcFUZ84H4q1aY4G8iO4oHDfc48pBHn\/VwFJa95gqSHvH4Ev8Om2dP0drKfHTm5RIabnMUwABEpNiK30Wb+s0DC1P8fJqrYirSkcMUtk+OScepXvvMoUJqb3oK\/SHueY\/CR+1r94ahlb+lQ5CMkRrFEpV8Y80c9Tk558ky1YvZroBJocv+D8x22dTrB3Nr2zV5BXUe4IfZjyM1uOvrGOzm7BFlSrMgOj6FKIkCgp\/pf+jrmIN6zoTCYHljLfpxOi3CtJlotE5kvBNJfYTIlpV6ePxOeaBHnLAnR8AUiLMe4EQhoCyafpPSu2uRilBt0zY24SPHj+Vr1q8JDD3+tdbrEpwnhqALSf4fMlI0nlCiW6KDCz9YYUL75K4IS9444yNzf1Yr99Mh0kbqbRkqVD2lz0sc+tejmla91jt2s1ymwqM2Dkc57wq\/ZGL2qTvHoCDCrWXzzSFq2DtMODbeFddKrW7D2S\/WC6gNpi8CkmnUEfrksPztXbMxr+4svM2m36IzD+uTDtBonQOeeetS42fSNmayHtkfbHFRhxhKIWxbXnDeYhaHVYjCQ+4X0zwkTVPladnLIcVEBYqwYQv5\/bz9ieX8wyoykaDLtE9CrJi2EKtZ8wkCC7Z741Zd+Wml1GFTEX8vTPcXOs4jWXGa8by36ak7R21cVgtCbMzCsX51MXYO9rxKpqzQ90YL3ZJybESTLyCZVaetnFQQy0zj9i3aMbEeaF1GIY8fpv41LJIfBTcuddEsku5mHk0ET+hIJRQHhrqv3\/7dLCFIB8IbFzqoMNXvst3vFd153RNd4+wDFw0PTKp3WxAax7aH3o4vpIKkH5MYZZm6QdYg4AXeCOVs+yOQckfo449mppsZnBCauNFwyGHgfdImQc5ChUcBackKfZKPm+8gpfez3Lh5cIH5TVZfBcX2049yxCxwBIQNMHRFZ\/l6px98JrGqv9wlLvZ9x05f9o+OBwqtGjSma1n6CqkHTjCKDb9wEKbD27oXi\/IB1KPHp2u9d\/c+7X2RVtjWmizhI43eqsfAt6YQSI\/I6i5XWGJRa1qw\/6lLbvQvj\/jHqXTS68GWhBdBLJUtfTko6qCsN7rqu1qRzGoIhl0BkGE92lNyYY\/ZTU6\/hdcvPHH\/gVolLu3hFDPu+ipgvDDLIZuRl+UaoOI4gJccnN1m37oKsX6NQtnyeGSc2tM6+62ei3A6X8waSaElCusvteiUGCHQxwaHmAxN+l0Fnrtj2W9v8HqhbG8zavLaMSK9TCSurpq1GtTp5SAztNP1KCrvVnqVhJrjpPBsMoRZgIibHU+b02bSrZ5vLUq8fMRq1DHjSpmxuFXNZXv4gyNl3Dl6lhcF466Vu3DVIKOpmXUnOt94P9drBleL2pc6g\/Rsi+uKui90velUE0hGPgoOIhhDJ0ymy34LYnDdDZuGwprFKEAglwy2+YC1sXbba6gKVjcOV1Ca5zHuLIWZHit470RXXzr7m1Xi\/5cXZYyKSyJACVo6ge6ve+Upi7YI+aW+jgyPqmHMKb+I\/eIOcKZeHyih24R2l7AgjvcvMggC5W8nbNUSu9cpnGWdlPqjTB0D+d7oT5+bGyUabkzh3dJ2t9fzH8gnGtlT1zFzufTmcBCKpbCY6sP\/0lUq7vHjuvu650M0IhuYA8e9G78Y8vHGY8YN9zIOLD+CF2bDXHwqf3VW0Z0KdlLeLkOH0oqFJ9UgLOZLQqYMUReoZ97In3a7hJ65ZurIhpFxCeAoO9kMhJrGIJTN\/Ls9g=="}
01023{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":41,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1646495785326719,"flow_src_last_pkt_time":1646495785326719,"flow_dst_last_pkt_time":1646495785351813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1357,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1357,"flow_dst_max_l4_payload_len":1357,"flow_src_tot_l4_payload_len":1357,"flow_dst_tot_l4_payload_len":1357,"midstream":0,"thread_ts_usec":1646495837102627,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"216.58.212.142","src_port":38642,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"QUIC.Google","proto_id":"188.126","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"hangouts.google.com"}}
00851{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":489,"packets-processed":488,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":221442,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":39,"total-detection-updates":41,"total-updates":1,"current-active-flows":10,"total-active-flows":43,"total-idle-flows":33,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":352,"global_ts_usec":1646568788171099}
00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":44,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1646568788171099,"flow_src_last_pkt_time":1646568788171099,"flow_dst_last_pkt_time":1646568788171099,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646568788171099,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"208.85.40.158","src_port":53978,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":489,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":44,"flow_packet_id":1,"flow_src_last_pkt_time":1646568788171099,"flow_dst_last_pkt_time":1646568788171099,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646568788171099,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAA8AQRAAEAGfpzAqAGA0FUontLaAbs4n4KKAAAAAKAC+vB1NgAAAgQFtAQCCArSjLpwAAAAAAEDAwc="}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":490,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":44,"flow_packet_id":2,"flow_src_last_pkt_time":1646568788171099,"flow_dst_last_pkt_time":1646568788337647,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1646568788337647,"pkt":"PKn0qB\/spJGxgjQ5CABFAAA8Ke1AAPAGpbLQVSiewKgBgAG70tpN2CtOOJ+Ci6ASOQiNqgAAAgQFtAEDAwAEAggKXyXRHtKMunA="}
01245{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":491,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":44,"flow_packet_id":3,"flow_src_last_pkt_time":1646568788341620,"flow_dst_last_pkt_time":1646568788337647,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1646568788341620,"pkt":"pJGxgjQ5PKn0qB\/sCABFAAI5AQZAAEAGfJ3AqAGA0FUontLaAbs4n4KLTdgrT4AYAfYOtAAAAQEICtKMuxtfJdEeFgMBAgABAAH8AwNyi5pZnYizmESRNRsWFzLDUgF4AIT\/tX3zYbufDRkzzyDMV\/FK528iuv6PxN\/1DD4BU1TMzFBPBIF01ZAvPFWIVwAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAZEAAAAQAA4AAAtwYW5kb3JhLmNvbQAXAAD\/AQABAAAKAA4ADAAdABcAGAAZAQABAQALAAIBAAAjAAAAEAAOAAwCaDIIaHR0cC8xLjEABQAFAQAAAAAAIgAKAAgEAwUDBgMCAwAzAGsAaQAdACBUk5TxRwMmI7m3PUpmyv2jiTq1G62x80KdY2tfOvxfVgAXAEEEr8O4oznU2jNZk5ZC+\/pUpJeqcDtGn2NikTZa2J69CfKpIdzohOHLj9fffI5zTez3ppU6JIFTO2\/VBVQmSVbRwwArAAUEAwQDAwANABgAFgQDBQMGAwgECAUIBgQBBQEGAQIDAgEALQACAQEAHAACQAEAFQCLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01212{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":491,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":44,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":1646568788171099,"flow_src_last_pkt_time":1646568788341620,"flow_dst_last_pkt_time":1646568788337647,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1646568788341620,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"208.85.40.158","src_port":53978,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Pandora","proto_id":"91.187","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"pandora.com","domainame":"pandora.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02496{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":492,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":44,"flow_packet_id":4,"flow_src_last_pkt_time":1646568788341620,"flow_dst_last_pkt_time":1646568788508204,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646568788508204,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcKypAAPAGntXQVSiewKgBgAG70tpN2CtPOJ+EkIAQOw3R2QAAAQEICl8l0cnSjLsbFgMDAEgCAABEAwNo6qWT6e\/1EOE1D+AZR8Vs4naBdefqWDyaUGG0R1lPWgDAMAAAHP8BAAEAACMAAAAQAAUAAwJoMgALAAIBAAAXAAAWAwMLGwsACxcACxQABn0wggZ5MIIFYaADAgECAhAP7MxUZLGex6lXawjwhxfCMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xHzAdBgNVBAMTFkdlb1RydXN0IFRMUyBSU0EgQ0EgRzEwHhcNMjEwNTEyMDAwMDAwWhcNMjIwNjEyMjM1OTU5WjBpMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEQMA4GA1UEBxMHT2FrbGFuZDEbMBkGA1UEChMSUGFuZG9yYSBNZWRpYSwgTExDMRYwFAYDVQQDDA0qLnBhbmRvcmEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LoGaR3iIPqvEeXTbv05uJTB6Leo7xcRxfUuYy1hbg2PXcm2qJrYRPAerIm+xHMeic893B6yHQzbgOWdShnm1akkhpOgsq9F0QetXzUNkTjcbZlCLmdq5jlf3vfthREyg4QbN+AdB01c\/smmbT+z0E9hLUzaSvsRaHFgmFcXMyWvjM9vnlfjWL\/lTx9AfE9NHxQ7h3OIt8gprHw8Q49X26tuJ7UpA6\/jq3dI6iBTPZJq5DWfJfZV59Jm7SWNrH1eerOYNkWAUWMU4bwUzA72WpyBgp2uYtQbDk02KOyqNnEiOVJq9x1CdFR3CblCx62GMIgyODICGnmGP66y7clKIwIDAQABo4IDJDCCAyAwHwYDVR0jBBgwFoAUlE\/UXYvkpOKmgP792PkA76O+AlcwHQYDVR0OBBYEFL8kxVHfMj6x5J3YVWISY19sDk53MCUGA1UdEQQeMByCDSoucGFuZG9yYS5jb22CC3BhbmRvcmEuY29tMA4GA1UdDwEB\/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDovL2NkcC5nZW90cnVzdC5jb20vR2VvVHJ1c3RUTFNSU0FDQUcxLmNybDA+BgNVHSAENzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwdgYIKwYBBQUHAQEEajBoMCYGCCsGAQUFBzABhhpodHRwOi8vc3RhdHVzLmdlb3RydXN0LmNvbTA+BggrBgEFBQcwAoYyaHR0cDovL2NhY2VydHMuZ2VvdHJ1c3QuY29tL0dlb1RydXN0VExTUlNBQ0FHMS5jcnQwDAYDVR0TAQH\/BAIwADCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHYAKXm+8J45OSHwVnOfY6V35b5XfZxgCvj5TV0mXCVdx4QAAAF5YkfnKAAABAMARzBFAiEA6AXk1yoGsLTmV+RdMtiPRhFD\/ZZjaHTAF2ECUnMz404CIDfzE2qsS4zhC6HEku87CFrLGCQGGhsEjgun23axlz6tAHYAIkVFB1lVJFaWP6Ev8fdthuAjJmOtwEt\/XcaDXG7iDwIAAAF5YkfnPgAABAMARzBFAiAGvppRMysv1MHzLRQqCNvPV8o\/\/mMCuVtmtThdFQ+EdwIhAJYSZLUsxXWG38tNG6sA\/bMO4+EurcdOzIuEZdCJcjqkAHcAUaOw9f0BeZxWbbg3eI8MpHrMGyfL956IQpoN\/tSLBeUAAAF5YkfnYwAABAMASDBGAiEAjfjiXtb0LCscUWZzFlb4uFD6T\/7cCeZjWyCBFE6ObpECIQCTYZ4="}
01295{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":492,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":44,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646568788171099,"flow_src_last_pkt_time":1646568788341620,"flow_dst_last_pkt_time":1646568788508204,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1646568788508204,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"208.85.40.158","src_port":53978,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Pandora","proto_id":"91.187","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"pandora.com","domainame":"pandora.com","tls": {"version":"TLSv1.2","ja3s":"7047b9d842ee4b3fba6a86353828c915","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
02505{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":493,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":44,"flow_packet_id":5,"flow_src_last_pkt_time":1646568788341620,"flow_dst_last_pkt_time":1646568788508263,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1514,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1514,"pkt_l4_len":1480,"thread_ts_usec":1646568788508263,"pkt":"PKn0qB\/spJGxgjQ5CABFAAXcKytAAPAGntTQVSiewKgBgAG70tpN2DD3OJ+EkIAQOw24TAAAAQEICl8l0cnSjLsbSSJx0yKFmdm3nPU\/\/pu6hn8OzlTt+yhov2sCuPQwDQYJKoZIhvcNAQELBQADggEBADl3kzgunOIeP0qkEGXmIgTdpYGHBWhRYHbS86j+XbiOP6RJDZXd2FFunffazFQ+7BM1MXfE31bp8Xbogw97cXWwuSt06L86aJoq4tCjL11h3Ga8kGwpsVmsbNbSz2AEBaH9vD5rgFbvlNlXyI32rJo1nsNrX9ZxCZ2\/3tKDFbjpX5HrPHMa0lAmZTP\/+773ue5xtqRLbrTR7uvR4RLbzXWhyfQ3A9GhvfJEISN2TIE8HRkFMoKkigvvQr1Sv2IKfcBWfpL+RiqPGawOjauilWOsfWmrQ8xijqA+oY6JeB0STaCW6qphr3ym4pabjabpru3FdSyCmCzvyolyaZ2PYxkABJEwggSNMIIDdaADAgECAhANB3gqEz\/G+aVyluEx\/9F5MA0GCSqGSIb3DQEBCwUAMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMB4XDTE3MTEwMjEyMjMzN1oXDTI3MTEwMjEyMjMzN1owYDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEfMB0GA1UEAxMWR2VvVHJ1c3QgVExTIFJTQSBDQSBHMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL4X6Oy+KQrL\/rktYTH9MyQIMi5Z6CHU2DC+bhDIhKA\/uhTl3v16jJIbe86ELfD\/eMQy6KmgfV8G2nubS1OmxhsCFyHhcDut+4PrCFSBqN4SstXGiJYw+QL8OdS9uCLvgEmZ0GK4YdBJ3svCy5elMQYb19hdxtNU3lIBNioN9t7FtjFMzBUlahVvqWsESAzeAEGqKICLLzTTG7U2rTsl0IhCQGw2kW1lshmGwNJ\/OUZY\/jASYFDc7rtz5leQWvYNytcES0dqbzQanZI2Gi7ZTlTtR6wMv\/GAsrr\/R3vpOcRUxJRUmRnxV5mv4hQiW+guu2Mtuq6BvRPc5hdb4JBTSQECAwEAAaOCAUAwggE8MB0GA1UdDgQWBBSUT9Rdi+Sk4qaA\/v3Y+QDvo74CVzAfBgNVHSMEGDAWgBROIlQgGJXm427mD\/r6uRLtBhePOTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB\/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdEcyLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzANBgkqhkiG9w0BAQsFAAOCAQEAghwEOoLpxanIZRJcCOMBxjCwriKIYXsrB4b3uLVEnPWTBmFGijqitTUm0FiePMFzj7+xeaccmTeaU\/IvXG4gC32wx4Lv6+t5EgXnAUELQwI3mxsfCE03UnMpuJ814\/mjOll1AWaQKj6d4GIpHoeogD4sxMwIwy6\/aSEYa48ea0PN7gaYQZm1gvIXwRClrliM+5XqTYKv83dfEWlPeFGm3\/e6xT9lv3B8o+1amjOdnj\/jhzWn2vMVxlitaSPcD7tM0EkTQaY\/Z+FeE\/UP9dV8hb+HTIIkYSJX0aWb+4Y5rcNceWY="}
01581{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":494,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":44,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":4,"flow_first_seen":1646568788171099,"flow_src_last_pkt_time":1646568788341620,"flow_dst_last_pkt_time":1646568788673958,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":3272,"midstream":0,"thread_ts_usec":1646568788673958,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"208.85.40.158","src_port":53978,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Pandora","proto_id":"91.187","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"pandora.com","domainame":"pandora.com","tls": {"version":"TLSv1.2","server_names":"*.pandora.com,pandora.com","ja3s":"7047b9d842ee4b3fba6a86353828c915","ja4":"t13d1715h2_5b57614c22b0_3d5424432f57","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","issuerDN":"C=US, O=DigiCert Inc, OU=www.digicert.com, CN=GeoTrust TLS RSA CA G1","subjectDN":"C=US, ST=California, L=Oakland, O=Pandora Media, LLC, CN=*.pandora.com","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"h2","tls_supported_versions":"TLSv1.3,TLSv1.2","fingerprint":"40:BB:03:6C:E8:D4:7C:D7:72:59:2F:8D:DB:4B:64:4F:8F:C4:EB:AF","blocks":0}}}
00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":37,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646495697787579,"flow_src_last_pkt_time":1646495697805649,"flow_dst_last_pkt_time":1646495697827917,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1418,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1418,"midstream":0,"thread_ts_usec":1646568788847834,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"142.250.185.142","src_port":56458,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.GoogleDrive","proto_id":"91.217","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
01018{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":43,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1646495837086190,"flow_src_last_pkt_time":1646495837086190,"flow_dst_last_pkt_time":1646495837102627,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1357,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1357,"flow_dst_max_l4_payload_len":1357,"flow_src_tot_l4_payload_len":1357,"flow_dst_tot_l4_payload_len":1357,"midstream":0,"thread_ts_usec":1646568788847834,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"142.250.181.238","src_port":36832,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"QUIC.Google","proto_id":"188.126","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"plus.google.com"}}
00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":36,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646495669804673,"flow_src_last_pkt_time":1646495669817020,"flow_dst_last_pkt_time":1646495669824646,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1428,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1428,"midstream":0,"thread_ts_usec":1646568788847834,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"108.138.185.106","src_port":33664,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.AmazonVideo","proto_id":"91.240","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":26,"category":"Video"}}
00975{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":40,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":5,"flow_first_seen":1646495749875318,"flow_src_last_pkt_time":1646495750527068,"flow_dst_last_pkt_time":1646495750848034,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1432,"flow_src_tot_l4_payload_len":610,"flow_dst_tot_l4_payload_len":3946,"midstream":0,"thread_ts_usec":1646568788847834,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"129.226.107.210","src_port":45014,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.IFLIX","proto_id":"91.202","proto_by_ip":"Tencent","proto_by_ip_id":285,"encrypted":1,"breed":"Fun","category_id":26,"category":"Video"}}
00962{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":42,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646495836963393,"flow_src_last_pkt_time":1646495836983510,"flow_dst_last_pkt_time":1646495837006974,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1418,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1418,"midstream":0,"thread_ts_usec":1646568788847834,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"142.250.185.206","src_port":50608,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":39,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":7,"flow_first_seen":1646495710534404,"flow_src_last_pkt_time":1646495710590410,"flow_dst_last_pkt_time":1646495710610809,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":675,"flow_dst_tot_l4_payload_len":6170,"midstream":0,"thread_ts_usec":1646568788847834,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.107.42.13","src_port":56836,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.MS_OneDrive","proto_id":"91.221","proto_by_ip":"Azure","proto_by_ip_id":276,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
01021{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":41,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":1,"flow_first_seen":1646495785326719,"flow_src_last_pkt_time":1646495785326719,"flow_dst_last_pkt_time":1646495785351813,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1357,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1357,"flow_dst_max_l4_payload_len":1357,"flow_src_tot_l4_payload_len":1357,"flow_dst_tot_l4_payload_len":1357,"midstream":0,"thread_ts_usec":1646568788847834,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"216.58.212.142","src_port":38642,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"QUIC.Google","proto_id":"188.126","proto_by_ip":"Google","proto_by_ip_id":126,"encrypted":1,"breed":"Acceptable","category_id":5,"category":"Web","hostname":"hangouts.google.com"}}
00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":38,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":6,"flow_first_seen":1646495710343950,"flow_src_last_pkt_time":1646495710423757,"flow_dst_last_pkt_time":1646495710456993,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":675,"flow_dst_tot_l4_payload_len":5890,"midstream":0,"thread_ts_usec":1646568788847834,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"13.81.118.91","src_port":33102,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.MS_OneDrive","proto_id":"91.221","proto_by_ip":"Azure","proto_by_ip_id":276,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
00994{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":35,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":5,"flow_first_seen":1646495650748124,"flow_src_last_pkt_time":1646495650812560,"flow_dst_last_pkt_time":1646495650832457,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":675,"flow_dst_tot_l4_payload_len":4252,"midstream":0,"thread_ts_usec":1646568788847834,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"52.113.194.132","src_port":57878,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Microsoft365","proto_id":"91.219","proto_by_ip":"Teams","proto_by_ip_id":250,"encrypted":1,"breed":"Acceptable","category_id":15,"category":"Collaborative"}}
00994{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1646495488872237,"flow_src_last_pkt_time":1646495488882948,"flow_dst_last_pkt_time":1646495488890513,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1448,"midstream":0,"thread_ts_usec":1646568788847834,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"15.160.39.187","src_port":45898,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.AppleSiri","proto_id":"91.254","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":32,"category":"VirtAssistant"}}
00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":497,"packets-processed":496,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":225679,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":40,"total-detection-updates":43,"total-updates":1,"current-active-flows":1,"total-active-flows":44,"total-idle-flows":43,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":372,"global_ts_usec":1705785496290955}
00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":45,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1705785496290955,"flow_src_last_pkt_time":1705785496290955,"flow_dst_last_pkt_time":1705785496290955,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1705785496290955,"l3_proto":"ip4","src_ip":"192.168.88.231","dst_ip":"185.5.161.203","src_port":33920,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":497,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":45,"flow_packet_id":1,"flow_src_last_pkt_time":1705785496290955,"flow_dst_last_pkt_time":1705785496290955,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1705785496290955,"pkt":"SKmKCiNt8C90rUP1CABFAAA8WxFAAEAGa0rAqFjnuQWhy4SAAbsqMmHbAAAAAKACfXh0jwAAAgQFtAQCCAqBTLs4AAAAAAEDAwc="}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":498,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":45,"flow_packet_id":2,"flow_src_last_pkt_time":1705785496290955,"flow_dst_last_pkt_time":1705785496317442,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1705785496317442,"pkt":"8C90rUP1SKmKCiNtCABFAAA8AABAADgGzlu5BaHLwKhY5wG7hIDVhr3LKjJh3KAS\/oimXQAAAgQFoAQCCAoinSn+gUy7OAEDAwc="}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":499,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":45,"flow_packet_id":3,"flow_src_last_pkt_time":1705785496317485,"flow_dst_last_pkt_time":1705785496317442,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1705785496317485,"pkt":"SKmKCiNt8C90rUP1CABFAAA0WxJAAEAGa1HAqFjnuQWhy4SAAbsqMmHc1Ya9zIAQAPt0hwAAAQEICoFMu1IinSn+"}
01240{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":500,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":45,"flow_packet_id":4,"flow_src_last_pkt_time":1705785496323878,"flow_dst_last_pkt_time":1705785496317442,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":583,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":583,"pkt_l4_len":549,"thread_ts_usec":1705785496323878,"pkt":"SKmKCiNt8C90rUP1CABFAAI5WxNAAEAGaUvAqFjnuQWhy4SAAbsqMmHc1Ya9zIAYAPt2jAAAAQEICoFMu1kinSn+FgMBAgABAAH8AwO8d+9v3qIRU9wNz54SjddzXu549KyXO6thu2T8PZfnnyDU1fbPV6kWU2dLlSXqCNFMvpC8h+xK9gr84Xnho5S\/PgByEwITAxMBwCzAMACfzKnMqMyqwCvALwCewCTAKABrwCPAJwBnwArAFAA5wAnAEwAzAK0Aq8yuzK3MrACdAKnMqwCsAKoAnACoAD0APMA4wDYAtwCzAJUAkQA1AK8AjcA3wDUAtgCyAJQAkAAvAK4AjAD\/AQABQQAAABoAGAAAFW9yaWdpbi1hLmFrYW1haWhkLm5ldAALAAQDAAECAAoADAAKAB0AFwAeABkAGAAjAAAAFgAAABcAAAANADAALgQDBQMGAwgHCAgICQgKCAsIBAgFCAYEAQUBBgEDAwIDAwECAQMCAgIEAgUCBgIAKwAJCAMEAwMDAgMBAC0AAgEBADMAJgAkAB0AICqrtcK7eBo4FlY6YstREUHv6ElDqtKRJZuEqbYT5qVEABUAigAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01350{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":500,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":45,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1705785496290955,"flow_src_last_pkt_time":1705785496323878,"flow_dst_last_pkt_time":1705785496317442,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1705785496323878,"l3_proto":"ip4","src_ip":"192.168.88.231","dst_ip":"185.5.161.203","src_port":33920,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"15": {"risk":"TLS (probably) Not Carrying HTTPS","severity":"Low","risk_score": {"total":460,"client":410,"server":50}}},"confidence": {"6":"DPI"},"proto":"TLS.ElectronicArts","proto_id":"91.389","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game","hostname":"origin-a.akamaihd.net","domainame":"origin-a.akamaihd.net","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d571100_131602cb7446_24695f2957a7","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","tls_supported_versions":"TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","blocks":0}}}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":501,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":45,"flow_packet_id":5,"flow_src_last_pkt_time":1705785496323878,"flow_dst_last_pkt_time":1705785496346014,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1705785496346014,"pkt":"8C90rUP1SKmKCiNtCABFAAA0nSdAADgGMTy5BaHLwKhY5wG7hIDVhr3MKjJj4YAQAfrPYQAAAQEICiKdKhuBTLtZ"}
01395{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":502,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":45,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1705785496290955,"flow_src_last_pkt_time":1705785496323878,"flow_dst_last_pkt_time":1705785496365954,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1428,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1428,"midstream":0,"thread_ts_usec":1705785496365954,"l3_proto":"ip4","src_ip":"192.168.88.231","dst_ip":"185.5.161.203","src_port":33920,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"15": {"risk":"TLS (probably) Not Carrying HTTPS","severity":"Low","risk_score": {"total":460,"client":410,"server":50}}},"confidence": {"6":"DPI"},"proto":"TLS.ElectronicArts","proto_id":"91.389","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game","hostname":"origin-a.akamaihd.net","domainame":"origin-a.akamaihd.net","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d571100_131602cb7446_24695f2957a7","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","tls_supported_versions":"TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","blocks":0}}}
00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":503,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":46,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1705785496365954,"flow_src_last_pkt_time":1705785496365954,"flow_dst_last_pkt_time":1705785496365954,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1705785496365954,"l3_proto":"ip4","src_ip":"192.168.88.231","dst_ip":"159.153.191.240","src_port":49950,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":503,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":46,"flow_packet_id":1,"flow_src_last_pkt_time":1705785496365954,"flow_dst_last_pkt_time":1705785496365954,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1705785496365954,"pkt":"SKmKCiNt8C90rUP1CABFAAA8C2VAAEAGtj3AqFjnn5m\/8MMeAbvHfxkbAAAAAKACfXh5SAAAAgQFtAQCCApBET5ZAAAAAAEDAwc="}
00545{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":504,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":46,"flow_packet_id":2,"flow_src_last_pkt_time":1705785496365954,"flow_dst_last_pkt_time":1705785496365954,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1705785496365954,"pkt":"8C90rUP1SKmKCiNtCABFAAA0TbdAAOYGzfKfmb\/wwKhY5wG7wx6oa+tEx38ZHIASH\/6dRAAAAgQFMgEDAwgBAQQC"}
00528{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":505,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":46,"flow_packet_id":3,"flow_src_last_pkt_time":1705785496365954,"flow_dst_last_pkt_time":1705785496365954,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1705785496365954,"pkt":"SKmKCiNt8C90rUP1CABFAAAoC2ZAAEAGtlDAqFjnn5m\/8MMeAbvHfxkcqGvrRVAQAPt5NAAA"}
01225{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":506,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":46,"flow_packet_id":4,"flow_src_last_pkt_time":1705785496365954,"flow_dst_last_pkt_time":1705785496365954,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":571,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":571,"pkt_l4_len":537,"thread_ts_usec":1705785496365954,"pkt":"SKmKCiNt8C90rUP1CABFAAItC2dAAEAGtErAqFjnn5m\/8MMeAbvHfxkcqGvrRVAYAPt7OQAAFgMBAgABAAH8AwNMpATgFVI5KZh8V5AOpwq2cPOAlxRAGR3Qk\/nReW436SB9hiCbPSFZhTuwMt6nkt0BVQSWPJDJ5Hd3nIWDT0riJQByEwITAxMBwCzAMACfzKnMqMyqwCvALwCewCTAKABrwCPAJwBnwArAFAA5wAnAEwAzAK0Aq8yuzK3MrACdAKnMqwCsAKoAnACoAD0APMA4wDYAtwCzAJUAkQA1AK8AjcA3wDUAtgCyAJQAkAAvAK4AjAD\/AQABQQAAABQAEgAAD2FjY291bnRzLmVhLmNvbQALAAQDAAECAAoADAAKAB0AFwAeABkAGAAjAAAAFgAAABcAAAANADAALgQDBQMGAwgHCAgICQgKCAsIBAgFCAYEAQUBBgEDAwIDAwECAQMCAgIEAgUCBgIAKwAJCAMEAwMDAgMBAC0AAgEBADMAJgAkAB0AIHUTQ9FOOjOIgeM025r85p4K1kaE63JOhZZCbcPXOTRoABUAkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01340{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":506,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":46,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1705785496365954,"flow_src_last_pkt_time":1705785496365954,"flow_dst_last_pkt_time":1705785496365954,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1705785496365954,"l3_proto":"ip4","src_ip":"192.168.88.231","dst_ip":"159.153.191.240","src_port":49950,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"15": {"risk":"TLS (probably) Not Carrying HTTPS","severity":"Low","risk_score": {"total":460,"client":410,"server":50}}},"confidence": {"6":"DPI"},"proto":"TLS.ElectronicArts","proto_id":"91.389","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game","hostname":"accounts.ea.com","domainame":"accounts.ea.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d571100_131602cb7446_24695f2957a7","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","tls_supported_versions":"TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","blocks":0}}}
00536{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":507,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":46,"flow_packet_id":5,"flow_src_last_pkt_time":1705785496365954,"flow_dst_last_pkt_time":1705785496365954,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1705785496365954,"pkt":"8C90rUP1SKmKCiNtCABFAAAoTbhAAOYGzf2fmb\/wwKhY5wG7wx6oa+tFx38bIVAQAf75kAAAAADOeU3u"}
01767{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":512,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":46,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":1705785496365954,"flow_src_last_pkt_time":1705785496365954,"flow_dst_last_pkt_time":1705785496365954,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1330,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":3087,"midstream":0,"thread_ts_usec":1705785496365954,"l3_proto":"ip4","src_ip":"192.168.88.231","dst_ip":"159.153.191.240","src_port":49950,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"8": {"risk":"Weak TLS Cipher","severity":"High","risk_score": {"total":150,"client":135,"server":15}},"15": {"risk":"TLS (probably) Not Carrying HTTPS","severity":"Low","risk_score": {"total":460,"client":410,"server":50}}},"confidence": {"6":"DPI"},"proto":"TLS.ElectronicArts","proto_id":"91.389","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game","hostname":"accounts.ea.com","domainame":"accounts.ea.com","tls": {"version":"TLSv1.2","server_names":"accounts.ea.com","ja3s":"7b6819ed58e8d8415604b7dfcef92d55","ja4":"t13d571100_131602cb7446_24695f2957a7","unsafe_cipher":1,"cipher":"TLS_RSA_WITH_AES_256_CBC_SHA","issuerDN":"C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA","subjectDN":"C=US, ST=CALIFORNIA, L=Redwood City, O=Electronic Arts, Inc., CN=accounts.ea.com","tls_supported_versions":"TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","fingerprint":"6E:9C:F6:59:DD:52:AA:1B:73:A6:B5:29:71:59:89:7D:B5:46:67:3D","blocks":0}}}
00977{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":44,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":5,"flow_first_seen":1646568788171099,"flow_src_last_pkt_time":1646568788681368,"flow_dst_last_pkt_time":1646568788847834,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1448,"flow_src_tot_l4_payload_len":643,"flow_dst_tot_l4_payload_len":3594,"midstream":0,"thread_ts_usec":1705785496365954,"l3_proto":"ip4","src_ip":"192.168.1.128","dst_ip":"208.85.40.158","src_port":53978,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Pandora","proto_id":"91.187","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming"}}
00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":513,"packets-processed":512,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":231228,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":42,"total-detection-updates":45,"total-updates":1,"current-active-flows":2,"total-active-flows":46,"total-idle-flows":44,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":390,"global_ts_usec":1708371748027374}
00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":47,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1708371748027374,"flow_src_last_pkt_time":1708371748027374,"flow_dst_last_pkt_time":1708371748027374,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1708371748027374,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"160.44.196.198","src_port":54690,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":513,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":47,"flow_packet_id":1,"flow_src_last_pkt_time":1708371748027374,"flow_dst_last_pkt_time":1708371748027374,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1708371748027374,"pkt":"ILAB4IZiNObXAhsnCABFAAA8gTRAAEAGkffAqAH1oCzExtWiAbvECMZsAAAAAKAC+vAnvwAAAgQFtAQCCArUZE7pAAAAAAEDAwc="}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":514,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":47,"flow_packet_id":2,"flow_src_last_pkt_time":1708371748027374,"flow_dst_last_pkt_time":1708371748055776,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1708371748055776,"pkt":"NObXAhsnILAB4IZiCABFAAA0AABAAC8GJDSgLMTGwKgB9QG71aITcGZwxAjGbYASchD5sQAAAgQFrAEBBAIBAwMJ"}
00527{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":515,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":47,"flow_packet_id":3,"flow_src_last_pkt_time":1708371748055802,"flow_dst_last_pkt_time":1708371748055776,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1708371748055802,"pkt":"ILAB4IZiNObXAhsnCABFAAAogTVAAEAGkgrAqAH1oCzExtWiAbvECMZtE3BmcVAQAfYnqwAA"}
01426{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":516,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":47,"flow_packet_id":4,"flow_src_last_pkt_time":1708371748057866,"flow_dst_last_pkt_time":1708371748055776,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":718,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":718,"pkt_l4_len":684,"thread_ts_usec":1708371748057866,"pkt":"ILAB4IZiNObXAhsnCABFAALAgTZAAEAGj3HAqAH1oCzExtWiAbvECMZtE3BmcVAYAfYqQwAAFgMBApMBAAKPAwMyDn0RdUfb1BBxG+VQ3qEGilruqcYWoUbWmN+V1odAVCCMmhconeS\/k6MULxRkQuPpc827ZCpA4Sf9lXQJ32am+gAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAiQAAAAVABMAABBjbG91ZC5odWF3ZWkuY29tABcAAP8BAAEAAAoADgAMAB0AFwAYABkBAAEBAAsAAgEAACMAAAAQAA4ADAJoMghodHRwLzEuMQAFAAUBAAAAAAAiAAoACAQDBQMGAwIDADMAawBpAB0AIBvEsm8mS8WIEWgrOp\/CsirysAe3ja7UrOoAMEOAVwQdABcAQQT07LrfQo+pQxdchdz+ppbvXUsLE446MEbg2Wo67iGOEm9eWdPKVoGjCj3e0E5Nbr9mSF\/jYwadj0GL4sX+9HALACsABQQDBAMDAA0AGAAWBAMFAwYDCAQIBQgGBAEFAQYBAgMCAQAtAAIBAQAcAAJAAf4NARkAAAEAAaMAIEiNzfRsrwLLxVRL\/dHhdVyqJqOMWkmaYvssrEv3bOfyAO\/UyLsyJZ6GwIIUvXoFnvsyCFeV4mhKonI+BR01UuNjJ3K76XL6N5mBSkq1o0F\/HMwbbVYYYVapgXptmvDWsMW21PFWU3gmSwbGgVPWl6Huk7tuX1VZt5nFtoPr9f0Pa8MoU+4q1mNUBbvDG08GYhIn1HXbbZ9fwnSjfJAbucPsQ91jxVfq8X0ycu9RQm110CVGQeL0RgQDF3Qapx3p\/gThGcNWizm66A92noOcqlEOg+jg+fVMKCY7cp33evTrFfHeYcwCF0eLK55hypdNa9zJBZ5S\/HophuZVA2h0sNYDLHK+BeIgCUgDLXFQAlbQRg=="}
01230{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":516,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":47,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1708371748027374,"flow_src_last_pkt_time":1708371748057866,"flow_dst_last_pkt_time":1708371748055776,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":664,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":664,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1708371748057866,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"160.44.196.198","src_port":54690,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.HuaweiCloud","proto_id":"91.399","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud","hostname":"cloud.huawei.com","domainame":"cloud.huawei.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00535{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":517,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":47,"flow_packet_id":5,"flow_src_last_pkt_time":1708371748057866,"flow_dst_last_pkt_time":1708371748086119,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1708371748086119,"pkt":"NObXAhsnILAB4IZiCABFAAAo6y5AAC8GORGgLMTGwKgB9QG71aITcGZxxAjJBVAQADypugAAAAAAAAAA"}
02014{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":518,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":47,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1708371748027374,"flow_src_last_pkt_time":1708371748057866,"flow_dst_last_pkt_time":1708371748089469,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":664,"flow_dst_max_l4_payload_len":3907,"flow_src_tot_l4_payload_len":664,"flow_dst_tot_l4_payload_len":3907,"midstream":0,"thread_ts_usec":1708371748089469,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"160.44.196.198","src_port":54690,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.HuaweiCloud","proto_id":"91.399","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud","hostname":"cloud.huawei.com","domainame":"cloud.huawei.com","tls": {"version":"TLSv1.2","server_names":"cloud.huawei.asia,cloud.huawei.com.cn,cloud.huawei.com,cloud.huawei.com.au,cloud.huawei.eu,cloud.huawei.lat,cloud.huawei.ru,*.dbank.com,*.hicloud.com,*.cloud.dbankcloud.cn,*.cloud.dbankcloud.com,*.cloud.dbankcloud.ru,*.cloud.hicloud.com,*.cloud.huawei.asia,*.cloud.huawei.com,*.cloud.huawei.com.au,*.cloud.huawei.com.cn,*.cloud.huawei.eu,*.cloud.huawei.lat,*.cloud.huawei.ru,*.platform.dbankcloud.cn,*.platform.hicloud.com","ja3s":"eb7ce657b6814e1bc6402d66a2309dc6","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","issuerDN":"C=BE, O=GlobalSign nv-sa, CN=GlobalSign RSA OV SSL CA 2018","subjectDN":"C=CN, ST=Jiangsu, L=Nanjing, O=Huawei Software Technologies Co., Ltd., CN=cloud.huawei.asia","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","fingerprint":"94:8E:17:DA:5F:C7:62:E4:1E:F0:A5:AB:A0:B9:7B:DE:A5:F4:75:33","blocks":0}}}
00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":528,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":48,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1708371748597659,"flow_src_last_pkt_time":1708371748597659,"flow_dst_last_pkt_time":1708371748597659,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1708371748597659,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"80.158.42.215","src_port":49558,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":528,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":48,"flow_packet_id":1,"flow_src_last_pkt_time":1708371748597659,"flow_dst_last_pkt_time":1708371748597659,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1708371748597659,"pkt":"ILAB4IZiNObXAhsnCABFAAA8GuNAAEAG4cbAqAH1UJ4q18GWAbtGeurrAAAAAKAC+vA+QQAAAgQFtAQCCAqOfznVAAAAAAEDAwc="}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":529,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":48,"flow_packet_id":2,"flow_src_last_pkt_time":1708371748597659,"flow_dst_last_pkt_time":1708371748617222,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1708371748617222,"pkt":"NObXAhsnILAB4IZiCABFAAA0AABAAC0GD7JQnirXwKgB9QG7wZZ+3254Rnrq7IASchDc0wAAAgQFrAEBBAIBAwMJ"}
00527{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":530,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":48,"flow_packet_id":3,"flow_src_last_pkt_time":1708371748617258,"flow_dst_last_pkt_time":1708371748617222,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1708371748617258,"pkt":"ILAB4IZiNObXAhsnCABFAAAoGuRAAEAG4dnAqAH1UJ4q18GWAbtGeursft9ueVAQAfY+LQAA"}
01432{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":531,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":48,"flow_packet_id":4,"flow_src_last_pkt_time":1708371748618338,"flow_dst_last_pkt_time":1708371748617222,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":722,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":722,"pkt_l4_len":688,"thread_ts_usec":1708371748618338,"pkt":"ILAB4IZiNObXAhsnCABFAALEGuVAAEAG3zzAqAH1UJ4q18GWAbtGeursft9ueVAYAfZAyQAAFgMBApcBAAKTAwM+Sw6TSmrEDcklIO727bdgHwapXSvDrs9ApwPBvEEt2yCY4\/GEzjj8CdL3FwX76J\/\/HiTNKlUYxpXVfH9A\/D1qRQAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAigAAAAZABcAABRpZDcuY2xvdWQuaHVhd2VpLmNvbQAXAAD\/AQABAAAKAA4ADAAdABcAGAAZAQABAQALAAIBAAAjAAAAEAAOAAwCaDIIaHR0cC8xLjEABQAFAQAAAAAAIgAKAAgEAwUDBgMCAwAzAGsAaQAdACAjf7m9gPIDVzVgl9m8rCY5J0CMB1l81x8pMWMCnhkcUQAXAEEEvLcb08cl3zNeiikrmhgF\/SZ3eaJvSdBuED8YwUkIJ1S2Uroo68H8bX0gAdnVXo5eiQAsfsLfXs9NqrWHpZu4BQArAAUEAwQDAwANABgAFgQDBQMGAwgECAUIBgQBBQEGAQIDAgEALQACAQEAHAACQAH+DQEZAAABAAH2ACA9nsjBc9n\/izbP1oZIaGAv3\/bhQPHdYou6oFLpdR3TswDv+qt9PK+wcddmzsZ6kBtk7fa6JGsm5rvvdc3BVXvr+x75Qzdz1W6AHkvektawD6u0IDMAI73imAxGc5P4AuAOQ3C7kFNGiB0O5rgMuVV7M21GNizTW8NsPsVip6k1mE7dhwjS\/SqjMGod8yta32qgDKxfv6C5DCSGfIM5KcCQerjJIhrTcklLWvHQliGc0PUYp2kRaZcX+3VRwCrNokXeTAmvo1bmpn+us6SSNrDjg6Z7JqekRRffssThB1TQSSSrYcgXjmKRRpcUMjH5OmgecHIC30JWR6DdIWpTdLj0FATw5URrc0F9h75R3aCx2\/s="}
01237{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":531,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":48,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1708371748597659,"flow_src_last_pkt_time":1708371748618338,"flow_dst_last_pkt_time":1708371748617222,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":668,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":668,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1708371748618338,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"80.158.42.215","src_port":49558,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.HuaweiCloud","proto_id":"91.399","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud","hostname":"id7.cloud.huawei.com","domainame":"id7.cloud.huawei.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00535{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":532,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":48,"flow_packet_id":5,"flow_src_last_pkt_time":1708371748618338,"flow_dst_last_pkt_time":1708371748637757,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1708371748637757,"pkt":"NObXAhsnILAB4IZiCABFAAAo2UpAAC0GNnNQnirXwKgB9QG7wZZ+3255RnrtiFAQADyM2AAAAAAAAAAA"}
02011{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":533,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":48,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1708371748597659,"flow_src_last_pkt_time":1708371748618338,"flow_dst_last_pkt_time":1708371748641934,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":668,"flow_dst_max_l4_payload_len":3900,"flow_src_tot_l4_payload_len":668,"flow_dst_tot_l4_payload_len":3900,"midstream":0,"thread_ts_usec":1708371748641934,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"80.158.42.215","src_port":49558,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.HuaweiCloud","proto_id":"91.399","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud","hostname":"id7.cloud.huawei.com","domainame":"id7.cloud.huawei.com","tls": {"version":"TLSv1.2","server_names":"avatar.id.huawei.com,hts.huawei.com.cn,*.cdn.hicloud.com,*.cloud.dbankcloud.com,*.cloud.hicloud.com,*.cloud.huawei.asia,*.cloud.huawei.com,*.cloud.huawei.com.au,*.cloud.huawei.com.cn,*.cloud.huawei.eu,*.cloud.huawei.ru,*.dbankcloud.cn,*.dbankcloud.com,*.hicloud.com,*.hms.dbankcloud.cn,*.huawei.com,*.platform.dbankcloud.cn,*.platform.dbankcloud.com,*.platform.dbankcloud.ru,*.platform.hicloud.com,*.vmall.com","ja3s":"eb7ce657b6814e1bc6402d66a2309dc6","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","issuerDN":"C=BE, O=GlobalSign nv-sa, CN=GlobalSign RSA OV SSL CA 2018","subjectDN":"C=CN, ST=Jiangsu, L=Nanjing, O=Huawei Software Technologies Co., Ltd., CN=avatar.id.huawei.com","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","fingerprint":"4F:6B:EE:C1:86:C1:2D:DB:AB:BF:DB:90:42:2D:06:A9:63:FF:76:52","blocks":0}}}
00823{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":551,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1708371750154536,"flow_src_last_pkt_time":1708371750154536,"flow_dst_last_pkt_time":1708371750154536,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1708371750154536,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:c044:a6d4:80d:5d55","dst_ip":"2600:9000:25ea:1200:1:12d8:5a00:93a1","src_port":39970,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":551,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":49,"flow_packet_id":1,"flow_src_last_pkt_time":1708371750154536,"flow_dst_last_pkt_time":1708371750154536,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":94,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":94,"pkt_l4_len":40,"thread_ts_usec":1708371750154536,"pkt":"ILAB4IZiNObXAhsnht1gDsawACgGQCABCwcKPcESwESm1AgNXVUmAJAAJeoSAAABEthaAJOhnCIBu2mzL7QAAAAAoAL\/KLFnAAACBAWMBAIICp1EfeQAAAAAAQMDBw=="}
00586{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":552,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":49,"flow_packet_id":2,"flow_src_last_pkt_time":1708371750154536,"flow_dst_last_pkt_time":1708371750157379,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":94,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":94,"pkt_l4_len":40,"thread_ts_usec":1708371750157379,"pkt":"NObXAhsnILAB4IZiht1gDeAtACgGOyYAkAAl6hIAAAES2FoAk6EgAQsHCj3BEsBEptQIDV1VAbucIrjctzlpsy+1oBL\/\/9X0AAACBATEBAIICspyNLidRH3kAQMDCQ=="}
00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":553,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":49,"flow_packet_id":3,"flow_src_last_pkt_time":1708371750157414,"flow_dst_last_pkt_time":1708371750157379,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":86,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":86,"pkt_l4_len":32,"thread_ts_usec":1708371750157414,"pkt":"ILAB4IZiNObXAhsnht1gDsawACAGQCABCwcKPcESwESm1AgNXVUmAJAAJeoSAAABEthaAJOhnCIBu2mzL7W43Lc6gBAB\/7FfAAABAQgKnUR958pyNLg="}
01489{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":554,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":49,"flow_packet_id":4,"flow_src_last_pkt_time":1708371750158421,"flow_dst_last_pkt_time":1708371750157379,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":764,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":764,"pkt_l4_len":710,"thread_ts_usec":1708371750158421,"pkt":"ILAB4IZiNObXAhsnht1gDsawAsYGQCABCwcKPcESwESm1AgNXVUmAJAAJeoSAAABEthaAJOhnCIBu2mzL7W43Lc6gBgB\/7QFAAABAQgKnUR96MpyNLgWAwECoQEAAp0DA0lhCxZfHJxOLvTjSJDu4bOLSSpK6Z0wtJUVWTwBPDKXIKMEDyWEoDyKuKyP12dVNul0vecxGrfnmzBFntrbF0ngACITARMDEwLAK8AvzKnMqMAswDDACsAJwBPAFACcAJ0ALwA1AQACMgAAACMAIQAAHmNvbnRlbnRjZW50ZXItZHJlLmRiYW5rY2RuLmNvbQAXAAD\/AQABAAAKAA4ADAAdABcAGAAZAQABAQALAAIBAAAjAAAAEAAOAAwCaDIIaHR0cC8xLjEABQAFAQAAAAAAIgAKAAgEAwUDBgMCAwAzAGsAaQAdACDpj5aM9rjS5Xw7ViF9USpkgtp+vbu8zyEsqmNqymilMwAXAEEEli8s8GLgAzgsLcfOsYxrSM+Tk9g28iWs8Z5YgoFqkYV7skglWG1mcGiEgbsUL27l37sTaiUhj9JyeTz7\/Rxk\/AArAAUEAwQDAwANABgAFgQDBQMGAwgECAUIBgQBBQEGAQIDAgEALQACAQEAHAACQAH+DQEZAAABAAGyACBGjkJG8A4FFXcLd8bQRtu3GnJJmfPPiwZFPoNYJ8k\/6ADviwxEIHbFL7CsRproYUXtYU3Cky4HFbbeuWk3q+3hO0hYI9kjRpwD5igAo\/Yii3uLz+g2+QN2Bbo\/4q7pdqXpJD21KTfS1DV8xzRHmkZq+RA4G9\/8KCA4hvD+aBZiLZ9mA\/0riNGEMOz1Gu+0DeGOr1twDTvw04HJ25rs14KZTlTRMSD0c1RcMuocWQqt3We6rFme5rDloX+sLLUhGLEP2+YEWLmOS5XPhc7ZpPWgrEghaUk\/BO56RYvMqb1E3wtiXexuged5IdBtQZZieoRz+DZlCYqE0HuLjWHRcwPSKnSz9nwBSRxSQqR9qEBAvhQ="}
01307{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":554,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1708371750154536,"flow_src_last_pkt_time":1708371750158421,"flow_dst_last_pkt_time":1708371750157379,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":678,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":678,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1708371750158421,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:c044:a6d4:80d:5d55","dst_ip":"2600:9000:25ea:1200:1:12d8:5a00:93a1","src_port":39970,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.HuaweiCloud","proto_id":"91.399","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud","hostname":"contentcenter-dre.dbankcdn.com","domainame":"contentcenter-dre.dbankcdn.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":555,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":49,"flow_packet_id":5,"flow_src_last_pkt_time":1708371750158421,"flow_dst_last_pkt_time":1708371750161538,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":86,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":86,"pkt_l4_len":32,"thread_ts_usec":1708371750161538,"pkt":"NObXAhsnILAB4IZiht1gDeAtACAGOyYAkAAl6hIAAAES2FoAk6EgAQsHCj3BEsBEptQIDV1VAbucIrjctzppszJbgBAAgwCiAAABAQgKynI0vJ1Efeg="}
01352{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":556,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1708371750154536,"flow_src_last_pkt_time":1708371750158421,"flow_dst_last_pkt_time":1708371750161724,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":678,"flow_dst_max_l4_payload_len":3624,"flow_src_tot_l4_payload_len":678,"flow_dst_tot_l4_payload_len":3624,"midstream":0,"thread_ts_usec":1708371750161724,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:c044:a6d4:80d:5d55","dst_ip":"2600:9000:25ea:1200:1:12d8:5a00:93a1","src_port":39970,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.HuaweiCloud","proto_id":"91.399","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud","hostname":"contentcenter-dre.dbankcdn.com","domainame":"contentcenter-dre.dbankcdn.com","tls": {"version":"TLSv1.3","ja3s":"f4febc55ea12b31ae17cfb7e614afda8","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
01220{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":563,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":46,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":1705785496365954,"flow_src_last_pkt_time":1705785496365954,"flow_dst_last_pkt_time":1705785496365954,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1330,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":3087,"midstream":0,"thread_ts_usec":1708371750169001,"l3_proto":"ip4","src_ip":"192.168.88.231","dst_ip":"159.153.191.240","src_port":49950,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"8": {"risk":"Weak TLS Cipher","severity":"High","risk_score": {"total":150,"client":135,"server":15}},"15": {"risk":"TLS (probably) Not Carrying HTTPS","severity":"Low","risk_score": {"total":460,"client":410,"server":50}}},"confidence": {"6":"DPI"},"proto":"TLS.ElectronicArts","proto_id":"91.389","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game"}}
01115{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":563,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":45,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1705785496290955,"flow_src_last_pkt_time":1705785496323878,"flow_dst_last_pkt_time":1705785496365954,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1428,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1428,"midstream":0,"thread_ts_usec":1708371750169001,"l3_proto":"ip4","src_ip":"192.168.88.231","dst_ip":"185.5.161.203","src_port":33920,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"15": {"risk":"TLS (probably) Not Carrying HTTPS","severity":"Low","risk_score": {"total":460,"client":410,"server":50}}},"confidence": {"6":"DPI"},"proto":"TLS.ElectronicArts","proto_id":"91.389","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":8,"category":"Game"}}
00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":563,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":563,"packets-processed":562,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":263723,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":45,"total-detection-updates":48,"total-updates":1,"current-active-flows":3,"total-active-flows":49,"total-idle-flows":46,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":417,"global_ts_usec":1708719352773616}
00808{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":563,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1708719352773616,"flow_src_last_pkt_time":1708719352773616,"flow_dst_last_pkt_time":1708719352773616,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1708719352773616,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:9a00:ba78:86b1:e177","dst_ip":"2001:67c:4e8:f004::9","src_port":48594,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":563,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":50,"flow_packet_id":1,"flow_src_last_pkt_time":1708719352773616,"flow_dst_last_pkt_time":1708719352773616,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":94,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":94,"pkt_l4_len":40,"thread_ts_usec":1708719352773616,"pkt":"ILAB4IZiNObXAhsnht1gDW8BACgGQCABCwcKPcESmgC6eIax4XcgAQZ8BOjwBAAAAAAAAAAJvdIBu4y3QWIAAAAAoAL\/KM6bAAACBAWMBAIICh++fS8AAAAAAQMDBw=="}
00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":564,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":50,"flow_packet_id":2,"flow_src_last_pkt_time":1708719352773616,"flow_dst_last_pkt_time":1708719352791118,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":94,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":94,"pkt_l4_len":40,"thread_ts_usec":1708719352791118,"pkt":"NObXAhsnILAB4IZiht1gDcpXACgGNiABBnwE6PAEAAAAAAAAAAkgAQsHCj3BEpoAuniGseF3Abu90sxyPm+Mt0FjoBJvkDRGAAACBATEBAIICmIWPwsfvn0vAQMDCg=="}
00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":565,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":50,"flow_packet_id":3,"flow_src_last_pkt_time":1708719352791156,"flow_dst_last_pkt_time":1708719352791118,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":86,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":86,"pkt_l4_len":32,"thread_ts_usec":1708719352791156,"pkt":"ILAB4IZiNObXAhsnht1gDW8BACAGQCABCwcKPcESmgC6eIax4XcgAQZ8BOjwBAAAAAAAAAAJvdIBu4y3QWPMcj5wgBAB\/86TAAABAQgKH759QGIWPws="}
01469{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":566,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":50,"flow_packet_id":4,"flow_src_last_pkt_time":1708719352792127,"flow_dst_last_pkt_time":1708719352791118,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":750,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":750,"pkt_l4_len":696,"thread_ts_usec":1708719352792127,"pkt":"ILAB4IZiNObXAhsnht1gDW8BArgGQCABCwcKPcESmgC6eIax4XcgAQZ8BOjwBAAAAAAAAAAJvdIBu4y3QWPMcj5wgBgB\/9ErAAABAQgKH759QWIWPwsWAwECkwEAAo8DA6ujqAy\/6y3hUY70Osz6gKW2l2GwQsMvIoyB04aRYxlaIAWoUFwbBjMUZfPnIe3nZwzCWbpqrG+ewEzNoCa3GjONACITARMDEwLAK8AvzKnMqMAswDDACsAJwBPAFACcAJ0ALwA1AQACJAAAABUAEwAAEHdlYi50ZWxlZ3JhbS5vcmcAFwAA\/wEAAQAACgAOAAwAHQAXABgAGQEAAQEACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAACIACgAIBAMFAwYDAgMAMwBrAGkAHQAgTtfH2HLD0eOJLtDNK\/YFMix9Y6l3jtWh5mj7+g1A8zEAFwBBBDVe5Lt6byF5Yopf750h5AQ022KO6sP+Wh7UALN6epLZS3F2llHNAJU4ZDCLOst5ePt3SYMfR37wQOnZLAkXC5wAKwAFBAMEAwMADQAYABYEAwUDBgMIBAgFCAYEAQUBBgECAwIBAC0AAgEBABwAAkAB\/g0BGQAAAQAB3AAgdEV+iggpTFLyI5A2+9V2xCM4gfr+OlV0ae+vpemj6l8A7zQux0C785JF7TH9SKydB1bZZkyzIzbZ6iHI0CzjOnZGy0mp68IjijulKqtLV\/IE\/V6WjAn4oMM1J3jwNGQjxlzZHoTqyuvCXBLQBjF2YPkAdTTArUmIVlDeG\/dTUt0v5Z0hqbnLQUmFBztOLmgN7iU\/XVAYQYn8T1G4YUedn3nPJFrY2pGQlP32CY6Tg5NqAxZqDljGWLFxZ\/GJLHdX82KvMwj9YsLDRnDXRP2ucO1UoxRJNvfwSgeHRF0uANMC+GtdjcwyAxlCaFlU2kbT7YBeExbEbNCfi2osndlyTDGUvFpugMJGswDzP7cQC+0S"}
01258{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":566,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1708719352773616,"flow_src_last_pkt_time":1708719352792127,"flow_dst_last_pkt_time":1708719352791118,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":664,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":664,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1708719352792127,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:9a00:ba78:86b1:e177","dst_ip":"2001:67c:4e8:f004::9","src_port":48594,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Telegram","proto_id":"91.185","proto_by_ip":"Telegram","proto_by_ip_id":185,"encrypted":1,"breed":"Acceptable","category_id":9,"category":"Chat","hostname":"web.telegram.org","domainame":"web.telegram.org","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":567,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":50,"flow_packet_id":5,"flow_src_last_pkt_time":1708719352792127,"flow_dst_last_pkt_time":1708719352809518,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":86,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":86,"pkt_l4_len":32,"thread_ts_usec":1708719352809518,"pkt":"NObXAhsnILAB4IZiht1gDcpXACAGNiABBnwE6PAEAAAAAAAAAAkgAQsHCj3BEpoAuniGseF3Abu90sxyPnCMt0P7gBAAHs7pAAABAQgKYhY\/Dx++fUE="}
01303{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":568,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1708719352773616,"flow_src_last_pkt_time":1708719352792127,"flow_dst_last_pkt_time":1708719352810168,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":664,"flow_dst_max_l4_payload_len":3624,"flow_src_tot_l4_payload_len":664,"flow_dst_tot_l4_payload_len":3624,"midstream":0,"thread_ts_usec":1708719352810168,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:9a00:ba78:86b1:e177","dst_ip":"2001:67c:4e8:f004::9","src_port":48594,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Telegram","proto_id":"91.185","proto_by_ip":"Telegram","proto_by_ip_id":185,"encrypted":1,"breed":"Acceptable","category_id":9,"category":"Chat","hostname":"web.telegram.org","domainame":"web.telegram.org","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00808{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":569,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":51,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1708719353812053,"flow_src_last_pkt_time":1708719353812053,"flow_dst_last_pkt_time":1708719353812053,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1708719353812053,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:9a00:ba78:86b1:e177","dst_ip":"2001:67c:4e8:f004::9","src_port":48616,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":569,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":51,"flow_packet_id":1,"flow_src_last_pkt_time":1708719353812053,"flow_dst_last_pkt_time":1708719353812053,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":94,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":94,"pkt_l4_len":40,"thread_ts_usec":1708719353812053,"pkt":"ILAB4IZiNObXAhsnht1gDLThACgGQCABCwcKPcESmgC6eIax4XcgAQZ8BOjwBAAAAAAAAAAJvegBuzdAki0AAAAAoAL\/KM6bAAACBAWMBAIICh++gT0AAAAAAQMDBw=="}
00808{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":570,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":52,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1708719353825157,"flow_src_last_pkt_time":1708719353825157,"flow_dst_last_pkt_time":1708719353825157,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1708719353825157,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:9a00:ba78:86b1:e177","dst_ip":"2001:67c:4e8:f004::9","src_port":48624,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":570,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":52,"flow_packet_id":1,"flow_src_last_pkt_time":1708719353825157,"flow_dst_last_pkt_time":1708719353825157,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":94,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":94,"pkt_l4_len":40,"thread_ts_usec":1708719353825157,"pkt":"ILAB4IZiNObXAhsnht1gCuiPACgGQCABCwcKPcESmgC6eIax4XcgAQZ8BOjwBAAAAAAAAAAJvfABu1SDeskAAAAAoAL\/KM6bAAACBAWMBAIICh++gUoAAAAAAQMDBw=="}
00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":571,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":51,"flow_packet_id":2,"flow_src_last_pkt_time":1708719353812053,"flow_dst_last_pkt_time":1708719353829289,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":94,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":94,"pkt_l4_len":40,"thread_ts_usec":1708719353829289,"pkt":"NObXAhsnILAB4IZiht1gAnpiACgGNiABBnwE6PAEAAAAAAAAAAkgAQsHCj3BEpoAuniGseF3Abu96NXQNs43QJIuoBJvkMo8AAACBATEBAIICqLYZx0fvoE9AQMDCg=="}
00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":572,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":51,"flow_packet_id":3,"flow_src_last_pkt_time":1708719353829393,"flow_dst_last_pkt_time":1708719353829289,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":86,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":86,"pkt_l4_len":32,"thread_ts_usec":1708719353829393,"pkt":"ILAB4IZiNObXAhsnht1gDLThACAGQCABCwcKPcESmgC6eIax4XcgAQZ8BOjwBAAAAAAAAAAJvegBuzdAki7V0DbPgBAB\/86TAAABAQgKH76BTqLYZx0="}
01456{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":573,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":51,"flow_packet_id":4,"flow_src_last_pkt_time":1708719353834468,"flow_dst_last_pkt_time":1708719353829289,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":738,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":738,"pkt_l4_len":684,"thread_ts_usec":1708719353834468,"pkt":"ILAB4IZiNObXAhsnht1gDLThAqwGQCABCwcKPcESmgC6eIax4XcgAQZ8BOjwBAAAAAAAAAAJvegBuzdAki7V0DbPgBgB\/9EfAAABAQgKH76BVKLYZx0WAwEChwEAAoMDA2PO50s5hnkiooLZ5ROFKx4Yl9kBwNJlLY8mJUkXV4AkIL2Lcr32fPUXuTsU+QyRvNryiWJjI\/VahxY8YarBGJi8ACITARMDEwLAK8AvzKnMqMAswDDACsAJwBPAFACcAJ0ALwA1AQACGAAAAAkABwAABHQubWUAFwAA\/wEAAQAACgAOAAwAHQAXABgAGQEAAQEACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAACIACgAIBAMFAwYDAgMAMwBrAGkAHQAgxl4Mvli07L0tmNC3XBPjNd1arxEPUQLGrms9CcfUtQ0AFwBBBOIKF7uup3AK2oFiAa7\/zHT2G1PiNNhovqqVDHjJq5xAaST\/7XQ7\/hBaHNH9P1ijIZfxKWKLNNg05I7Ca9rlHGkAKwAFBAMEAwMADQAYABYEAwUDBgMIBAgFCAYEAQUBBgECAwIBAC0AAgEBABwAAkAB\/g0BGQAAAQABMAAgj22+NZ+5P15qItp3GhivG3t4IXOSGcLQOzXbKd3xWmcA73NDOJC9bQZMPtrJ4QkirbbAj5Rpk7\/5PIOqYG\/mE5j1XrsdZ2DDd0HKncTFPLgxVCiVPulsaI\/G\/KnE+MnDPra2F1L9LTX38OUjn\/GptivtBOJb+Ju6BpVBGZ2wBu+3nsTryoZYxTtGJD6fjmP2xMEvLjFgDrC\/CL6BhEzGKyzo9NL+MM9Yb8S3tG1tYVuFdvnRw8DLMD2Q3D5UAuY64wU0IsRRMNSTDlhoYvbwRRDIAAGbzqjUIKhYCPxtzs627qevGeCwqpTMJrPrXkHM4s9I2sTsOMHMt79HbOfyPyHPFIOBpJhpl1kLVhqNXyyR"}
01234{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":573,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":51,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1708719353812053,"flow_src_last_pkt_time":1708719353834468,"flow_dst_last_pkt_time":1708719353829289,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":652,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":652,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1708719353834468,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:9a00:ba78:86b1:e177","dst_ip":"2001:67c:4e8:f004::9","src_port":48616,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Telegram","proto_id":"91.185","proto_by_ip":"Telegram","proto_by_ip_id":185,"encrypted":1,"breed":"Acceptable","category_id":9,"category":"Chat","hostname":"t.me","domainame":"t.me","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00584{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":574,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":52,"flow_packet_id":2,"flow_src_last_pkt_time":1708719353825157,"flow_dst_last_pkt_time":1708719353842290,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":94,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":94,"pkt_l4_len":40,"thread_ts_usec":1708719353842290,"pkt":"NObXAhsnILAB4IZiht1gCqZzACgGNSABBnwE6PAEAAAAAAAAAAkgAQsHCj3BEpoAuniGseF3Abu98LVQWThUg3rKoBJvkBBGAAACBATEBAIICtgl4+gfvoFKAQMDCg=="}
00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":575,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":52,"flow_packet_id":3,"flow_src_last_pkt_time":1708719353842359,"flow_dst_last_pkt_time":1708719353842290,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":86,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":86,"pkt_l4_len":32,"thread_ts_usec":1708719353842359,"pkt":"ILAB4IZiNObXAhsnht1gCuiPACAGQCABCwcKPcESmgC6eIax4XcgAQZ8BOjwBAAAAAAAAAAJvfABu1SDesq1UFk5gBAB\/86TAAABAQgKH76BW9gl4+g="}
01460{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":576,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":52,"flow_packet_id":4,"flow_src_last_pkt_time":1708719353843817,"flow_dst_last_pkt_time":1708719353842290,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":745,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":745,"pkt_l4_len":691,"thread_ts_usec":1708719353843817,"pkt":"ILAB4IZiNObXAhsnht1gCuiPArMGQCABCwcKPcESmgC6eIax4XcgAQZ8BOjwBAAAAAAAAAAJvfABu1SDesq1UFk5gBgB\/9EmAAABAQgKH76BXdgl4+gWAwECjgEAAooDA+ePucITQAbSyU02ILMN0dZyDaMcG3ljpGgdlWT9nXTFIEHQiUtenqR2P4zC4pWic0m7yGuHoht+IoqnPKCdOq5zACITARMDEwLAK8AvzKnMqMAswDDACsAJwBPAFACcAJ0ALwA1AQACHwAAABAADgAAC3RlbGVncmFtLm1lABcAAP8BAAEAAAoADgAMAB0AFwAYABkBAAEBAAsAAgEAACMAAAAQAA4ADAJoMghodHRwLzEuMQAFAAUBAAAAAAAiAAoACAQDBQMGAwIDADMAawBpAB0AILPPrkLskNrLqhnwv3aresxhWs+gA7UCJkYCiyB+xe8vABcAQQRVr37LvExw9rvWVGjoyYMaewpE0vFpVcxZXxIjyj+y2PK3iQIRVouerZ6GxILh13GoO9xIoae6UwjN64jZppRTACsABQQDBAMDAA0AGAAWBAMFAwYDCAQIBQgGBAEFAQYBAgMCAQAtAAIBAQAcAAJAAf4NARkAAAEAAdoAICZJ9l3pcXxTS\/6oamFumLFWo+C+TUYT9v0cd+ysuaBZAO93yIqn7HgEMVf8AMRLwRsvzCG8NACEzk9FSknefWuA1kB9PAn0K2kVYflMrilZpiQBicp1O5VRhl3WTUEWwUO6F4zCWXyPPodoD70db0aq\/b+6nbA+sNpz6XVyFQwlM9jTVHbsSpgYbAuYXdGZ+5a0Zstzll88NCYHKkc+fndzraqnmllDBiUeGWzr4tQtlOwzsDpZ79rqrIXLdbrKBTAKz54rWCPLMrkOR2ZYm3WhysOa2kB8DLT2UDMnxpdLr+m3glRKTTq2nCclAFX4lkouOuhwAWO\/4g\/oJZ5K1rv309+102hH4w95DWvujrzBFg=="}
01248{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":576,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":52,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1708719353825157,"flow_src_last_pkt_time":1708719353843817,"flow_dst_last_pkt_time":1708719353842290,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":659,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":659,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1708719353843817,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:9a00:ba78:86b1:e177","dst_ip":"2001:67c:4e8:f004::9","src_port":48624,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Telegram","proto_id":"91.185","proto_by_ip":"Telegram","proto_by_ip_id":185,"encrypted":1,"breed":"Acceptable","category_id":9,"category":"Chat","hostname":"telegram.me","domainame":"telegram.me","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":577,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":51,"flow_packet_id":5,"flow_src_last_pkt_time":1708719353834468,"flow_dst_last_pkt_time":1708719353852072,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":86,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":86,"pkt_l4_len":32,"thread_ts_usec":1708719353852072,"pkt":"NObXAhsnILAB4IZiht1gAnpiACAGNiABBnwE6PAEAAAAAAAAAAkgAQsHCj3BEpoAuniGseF3Abu96NXQNs83QJS6gBAAHmTlAAABAQgKothnIx++gVQ="}
01279{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":578,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":51,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1708719353812053,"flow_src_last_pkt_time":1708719353834468,"flow_dst_last_pkt_time":1708719353853009,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":652,"flow_dst_max_l4_payload_len":4096,"flow_src_tot_l4_payload_len":652,"flow_dst_tot_l4_payload_len":4096,"midstream":0,"thread_ts_usec":1708719353853009,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:9a00:ba78:86b1:e177","dst_ip":"2001:67c:4e8:f004::9","src_port":48616,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Telegram","proto_id":"91.185","proto_by_ip":"Telegram","proto_by_ip_id":185,"encrypted":1,"breed":"Acceptable","category_id":9,"category":"Chat","hostname":"t.me","domainame":"t.me","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":582,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":52,"flow_packet_id":5,"flow_src_last_pkt_time":1708719353843817,"flow_dst_last_pkt_time":1708719353862647,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":86,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":86,"pkt_l4_len":32,"thread_ts_usec":1708719353862647,"pkt":"NObXAhsnILAB4IZiht1gCqZzACAGNSABBnwE6PAEAAAAAAAAAAkgAQsHCj3BEpoAuniGseF3Abu98LVQWTlUg31dgBAAHqrsAAABAQgK2CXj7R++gV0="}
01293{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":583,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":52,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1708719353825157,"flow_src_last_pkt_time":1708719353843817,"flow_dst_last_pkt_time":1708719353862648,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":659,"flow_dst_max_l4_payload_len":2416,"flow_src_tot_l4_payload_len":659,"flow_dst_tot_l4_payload_len":2416,"midstream":0,"thread_ts_usec":1708719353862648,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:9a00:ba78:86b1:e177","dst_ip":"2001:67c:4e8:f004::9","src_port":48624,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Telegram","proto_id":"91.185","proto_by_ip":"Telegram","proto_by_ip_id":185,"encrypted":1,"breed":"Acceptable","category_id":9,"category":"Chat","hostname":"telegram.me","domainame":"telegram.me","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00987{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":48,"flow_state":"info","flow_src_packets_processed":14,"flow_dst_packets_processed":9,"flow_first_seen":1708371748597659,"flow_src_last_pkt_time":1708371749213915,"flow_dst_last_pkt_time":1708371749213883,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1027,"flow_dst_max_l4_payload_len":3900,"flow_src_tot_l4_payload_len":3616,"flow_dst_tot_l4_payload_len":12100,"midstream":0,"thread_ts_usec":1708719353862698,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"80.158.42.215","src_port":49558,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.HuaweiCloud","proto_id":"91.399","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
00986{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":47,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":7,"flow_first_seen":1708371748027374,"flow_src_last_pkt_time":1708371748206605,"flow_dst_last_pkt_time":1708371748165737,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":664,"flow_dst_max_l4_payload_len":4380,"flow_src_tot_l4_payload_len":1281,"flow_dst_tot_l4_payload_len":9124,"midstream":0,"thread_ts_usec":1708719353862698,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"160.44.196.198","src_port":54690,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.HuaweiCloud","proto_id":"91.399","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
01035{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":49,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":4,"flow_first_seen":1708371750154536,"flow_src_last_pkt_time":1708371750169001,"flow_dst_last_pkt_time":1708371750165742,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":678,"flow_dst_max_l4_payload_len":3624,"flow_src_tot_l4_payload_len":1269,"flow_dst_tot_l4_payload_len":5105,"midstream":0,"thread_ts_usec":1708719353862698,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:c044:a6d4:80d:5d55","dst_ip":"2600:9000:25ea:1200:1:12d8:5a00:93a1","src_port":39970,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.HuaweiCloud","proto_id":"91.399","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":13,"category":"Cloud"}}
00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":585,"packets-processed":584,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":277398,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":48,"total-detection-updates":51,"total-updates":1,"current-active-flows":3,"total-active-flows":52,"total-idle-flows":49,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":445,"global_ts_usec":1708962497309716}
00774{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":53,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1708962497309716,"flow_src_last_pkt_time":1708962497309716,"flow_dst_last_pkt_time":1708962497309716,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1708962497309716,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"5.61.23.30","src_port":46174,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":585,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":53,"flow_packet_id":1,"flow_src_last_pkt_time":1708962497309716,"flow_dst_last_pkt_time":1708962497309716,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1708962497309716,"pkt":"ILAB4IZiNObXAhsnCABFAAA8tohAAEAGpTvAqAH1BT0XHrReAbvuMckPAAAAAKAC+vDfJgAAAgQFtAQCCAoHPO3YAAAAAAEDAww="}
00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":586,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":53,"flow_packet_id":2,"flow_src_last_pkt_time":1708962497309716,"flow_dst_last_pkt_time":1708962497355167,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1708962497355167,"pkt":"NObXAhsnILAB4IZiCABFAAA8AABAADYGZcQFPRcewKgB9QG7tF7fzYik7jHJEKASqbCmNAAAAgQFoAQCCApaSfP3Bzzt2AEDAwk="}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":587,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":53,"flow_packet_id":3,"flow_src_last_pkt_time":1708962497355205,"flow_dst_last_pkt_time":1708962497355167,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1708962497355205,"pkt":"ILAB4IZiNObXAhsnCABFAAA0tolAAEAGpULAqAH1BT0XHrReAbvuMckQ382IpYAQABDfHgAAAQEICgc87gZaSfP3"}
01675{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":588,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":53,"flow_packet_id":4,"flow_src_last_pkt_time":1708962497356463,"flow_dst_last_pkt_time":1708962497355167,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":905,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":905,"pkt_l4_len":871,"thread_ts_usec":1708962497356463,"pkt":"ILAB4IZiNObXAhsnCABFAAN7topAAEAGofrAqAH1BT0XHrReAbvuMckQ382IpYAYABDiZQAAAQEICgc87gdaSfP3FgMBA0IBAAM+AwOCmeBofRmP1t6rRdvpe4xoh+90dDlovNxAn5bQrK0+QiCsGbOE2l+NlYKwiO5+BjoOwzr6Wc42warKOij2rNdX9gAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAtMAAAAUABIAAA83MzIyMzEubXMub2sucnUAFwAA\/wEAAQAACgAOAAwAHQAXABgAGQEAAQEACwACAQAAIwCw2T\/akXahdF0A3JSQ9zjbKCF+fKEI+biEEcSUvRViqUmIyF7Qpbjy75MC5xgjmLSg5CPth0Nw+KqLlp7bdYVFXjMHxeH6oR67o+gmXHDsXrDXi249Wr7qiiMqiIQ6J5ysPCQseP+7QaS631uHn5xg1lr8c+Ymx+UyXBu0rTrUresvchV11ExFXMeeI33tP\/q8eJCI9PpIvLKamLRM5Qplz4WTzHdE6UMZbGyNEcJ8wfUAEAAOAAwCaDIIaHR0cC8xLjEABQAFAQAAAAAAIgAKAAgEAwUDBgMCAwAzAGsAaQAdACC1Sp7pRm17+6NBI1Hn663oYslRtVnRXqsEJrJy9XlBSQAXAEEEut5Ig3IwNeItQQ1b\/R1S+Z6elJ1davm3i\/NksNQmvz5WnQMNJW8by7K4vCKJW0A4spWRlmiozkyy0OZSDhLzUAArAAUEAwQDAwANABgAFgQDBQMGAwgECAUIBgQBBQEGAQIDAgEALQACAQEAHAACQAH+DQEZAAABAAEiACBmojkgSmyCE1\/Q+T\/qcxwep2VZCkYGYtZIX6nmi5oNxADvXzksQY\/ZxqHdsVYpTuZBmvetHvN4ZrPomyNqf2oE9Cj6Q0nwpVkV655egDOW4ATcaGznopehBQ8ZMO7d8W7ukGVKp+T+XIhbN2NbLG4dZd6TYTHYZFGjUGvbFI2Seei\/bkR2MdBvwDl7IeHhUgCVb4mwTKtkN0XDepWw7lxuhWNcKCCijBdZcUYgbjwRD2DWiHYpJOWtSMUQq4MS+ooKeNTNFmWdawh9nBvOiNxShLPIMhXrvTAStTCp+4HwuBXkgOi5uf7UXSsuGupCUCCd1KkXJ3uon1dBuY9DnC5N8CM4ziF5E3+cvfLMzYBZr6M="}
01199{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":588,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":53,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1708962497309716,"flow_src_last_pkt_time":1708962497356463,"flow_dst_last_pkt_time":1708962497355167,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":839,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":839,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1708962497356463,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"5.61.23.30","src_port":46174,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"732231.ms.ok.ru","domainame":"732231.ms.ok.ru","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":589,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":53,"flow_packet_id":5,"flow_src_last_pkt_time":1708962497356463,"flow_dst_last_pkt_time":1708962497401552,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1708962497401552,"pkt":"NObXAhsnILAB4IZiCABFAAA0QFBAADYGJXwFPRcewKgB9QG7tF7fzYil7jHMV4AQAFR6pwAAAQEIClpJ9CUHPO4H"}
01680{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":590,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":53,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1708962497309716,"flow_src_last_pkt_time":1708962497356463,"flow_dst_last_pkt_time":1708962497402582,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":839,"flow_dst_max_l4_payload_len":2170,"flow_src_tot_l4_payload_len":839,"flow_dst_tot_l4_payload_len":2170,"midstream":0,"thread_ts_usec":1708962497402582,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"5.61.23.30","src_port":46174,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"732231.ms.ok.ru","domainame":"732231.ms.ok.ru","tls": {"version":"TLSv1.2","server_names":"*.ok.ru,odnoklassniki.ru,ok.me,okl.lt,oklive.app,tamtam.chat,tt.me,*.odnoklassniki.ru,*.ok.me,*.okl.lt,*.oklive.app,*.tamtam.chat,*.tt.me,*.ms.ok.ru,ms.ok.ru,ok.ru","ja3s":"4ef1b297bb817d8212165a86308bac5f","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","issuerDN":"C=BE, O=GlobalSign nv-sa, CN=GlobalSign RSA OV SSL CA 2018","subjectDN":"C=RU, ST=Moscow, L=Moscow, O=VK LLC, CN=*.ok.ru","advertised_alpns":"h2,http\/1.1","negotiated_alpn":"http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","fingerprint":"66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3","blocks":0}}}
01013{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":50,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1708719352773616,"flow_src_last_pkt_time":1708719352792127,"flow_dst_last_pkt_time":1708719352810168,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":664,"flow_dst_max_l4_payload_len":3624,"flow_src_tot_l4_payload_len":664,"flow_dst_tot_l4_payload_len":3624,"midstream":0,"thread_ts_usec":1708962497540736,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:9a00:ba78:86b1:e177","dst_ip":"2001:67c:4e8:f004::9","src_port":48594,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Telegram","proto_id":"91.185","proto_by_ip":"Telegram","proto_by_ip_id":185,"encrypted":1,"breed":"Acceptable","category_id":9,"category":"Chat"}}
01013{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":51,"flow_state":"info","flow_src_packets_processed":5,"flow_dst_packets_processed":4,"flow_first_seen":1708719353812053,"flow_src_last_pkt_time":1708719353853281,"flow_dst_last_pkt_time":1708719353853244,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":652,"flow_dst_max_l4_payload_len":4096,"flow_src_tot_l4_payload_len":652,"flow_dst_tot_l4_payload_len":5660,"midstream":0,"thread_ts_usec":1708962497540736,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:9a00:ba78:86b1:e177","dst_ip":"2001:67c:4e8:f004::9","src_port":48616,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Telegram","proto_id":"91.185","proto_by_ip":"Telegram","proto_by_ip_id":185,"encrypted":1,"breed":"Acceptable","category_id":9,"category":"Chat"}}
01013{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":52,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":3,"flow_first_seen":1708719353825157,"flow_src_last_pkt_time":1708719353862698,"flow_dst_last_pkt_time":1708719353862648,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":659,"flow_dst_max_l4_payload_len":2416,"flow_src_tot_l4_payload_len":659,"flow_dst_tot_l4_payload_len":2416,"midstream":0,"thread_ts_usec":1708962497540736,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:9a00:ba78:86b1:e177","dst_ip":"2001:67c:4e8:f004::9","src_port":48624,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Telegram","proto_id":"91.185","proto_by_ip":"Telegram","proto_by_ip_id":185,"encrypted":1,"breed":"Acceptable","category_id":9,"category":"Chat"}}
00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":605,"packets-processed":604,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":281689,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":49,"total-detection-updates":52,"total-updates":1,"current-active-flows":1,"total-active-flows":53,"total-idle-flows":52,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":457,"global_ts_usec":1713874727209515}
00780{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":54,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1713874727209515,"flow_src_last_pkt_time":1713874727209515,"flow_dst_last_pkt_time":1713874727209515,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1713874727209515,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"116.211.202.129","src_port":55272,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":54,"flow_packet_id":1,"flow_src_last_pkt_time":1713874727209515,"flow_dst_last_pkt_time":1713874727209515,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1713874727209515,"pkt":"SKmKCiNtCAAnZaFTCABFAAA0IZVAAIAGAADAqFirdNPKgdfoAbu+XAjuAAAAAIAC+vBYzwAAAgQFtAEDAwgBAQQC"}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":606,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":54,"flow_packet_id":2,"flow_src_last_pkt_time":1713874727209515,"flow_dst_last_pkt_time":1713874727497923,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1713874727497923,"pkt":"CAAnZaFTSKmKCiNtCABFAAA0IZVAACgG2IZ008qBwKhYqwG71+hkrGzzvlwI74AS+vCq9AAAAgQFoAEBAQEBAQQC"}
00527{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":607,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":54,"flow_packet_id":3,"flow_src_last_pkt_time":1713874727497962,"flow_dst_last_pkt_time":1713874727497923,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1713874727497962,"pkt":"SKmKCiNtCAAnZaFTCABFAAAoIZZAAIAGAADAqFirdNPKgdfoAbu+XAjvZKxs9FAQ+vBYwwAA"}
01225{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":608,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":54,"flow_packet_id":4,"flow_src_last_pkt_time":1713874727498785,"flow_dst_last_pkt_time":1713874727497923,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":571,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":571,"pkt_l4_len":537,"thread_ts_usec":1713874727498785,"pkt":"SKmKCiNtCAAnZaFTCABFAAItIZdAAIAGAADAqFirdNPKgdfoAbu+XAjvZKxs9FAY+vBayAAAFgMBAgABAAH8AwOJ1RJlc++jCOpouTROoQ+xXjq7WtwwcCpqGK2JTxfUbyDiCYNUH\/QzGS8W\/bTLPdawn3LZytuLPYd7RkLWJWWFHwA+EwITAxMBwCzAMACfzKnMqMyqwCvALwCewCTAKABrwCPAJwBnwArAFAA5wAnAEwAzAJ0AnAA9ADwANQAvAP8BAAF1AAAAGwAZAAAWb3Bwb3J0dW5hcmNoLmlxaXlpLmNvbQALAAQDAAECAAoADAAKAB0AFwAeABkAGDN0AAAAEAAOAAwCaDIIaHR0cC8xLjEAFgAAABcAAAAxAAAADQAwAC4EAwUDBgMIBwgICAkICggLCAQIBQgGBAEFAQYBAwMCAwMBAgEDAgICBAIFAgYCACsACQgDBAMDAwIDAQAtAAIBAQAzACYAJAAdACA\/9LIesqIgGU9lzs7u5QOxfcj7Yq13zNQclTChSgAoEAAVAKcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01248{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":608,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":54,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1713874727209515,"flow_src_last_pkt_time":1713874727498785,"flow_dst_last_pkt_time":1713874727497923,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1713874727498785,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"116.211.202.129","src_port":55272,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.iQIYI","proto_id":"91.54","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"opportunarch.iqiyi.com","domainame":"opportunarch.iqiyi.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d3113h2_e8f1e7e78f70_1b3407e2c936","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","blocks":0}}}
00535{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":609,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":54,"flow_packet_id":5,"flow_src_last_pkt_time":1713874727498785,"flow_dst_last_pkt_time":1713874727797088,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1713874727797088,"pkt":"CAAnZaFTSKmKCiNtCABFAAAoK09AACUG0dh008qBwKhYqwG71+hkrGz0vlwK9FAQdUBtVgAAAADrPO+R"}
01293{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":610,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":54,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1713874727209515,"flow_src_last_pkt_time":1713874727498785,"flow_dst_last_pkt_time":1713874727797620,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1440,"midstream":0,"thread_ts_usec":1713874727797620,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"116.211.202.129","src_port":55272,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.iQIYI","proto_id":"91.54","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"opportunarch.iqiyi.com","domainame":"opportunarch.iqiyi.com","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d3113h2_e8f1e7e78f70_1b3407e2c936","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","blocks":0}}}
00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":611,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":55,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1713874733252417,"flow_src_last_pkt_time":1713874733252417,"flow_dst_last_pkt_time":1713874733252417,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1713874733252417,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"184.86.2.194","src_port":55468,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":611,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":55,"flow_packet_id":1,"flow_src_last_pkt_time":1713874733252417,"flow_dst_last_pkt_time":1713874733252417,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1713874733252417,"pkt":"SKmKCiNtCAAnZaFTCABFAAA0YRJAAIAGAADAqFiruFYCwtisAbsu+PXbAAAAAIAC+vDUkgAAAgQFtAEDAwgBAQQC"}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":612,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":55,"flow_packet_id":2,"flow_src_last_pkt_time":1713874733252417,"flow_dst_last_pkt_time":1713874733275989,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1713874733275989,"pkt":"CAAnZaFTSKmKCiNtCABFIAA0AABAADkGbTi4VgLCwKhYqwG72KwwiLhDLvj13IAS+vC3rwAAAgQFoAEBBAIBAwMH"}
00527{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":613,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":55,"flow_packet_id":3,"flow_src_last_pkt_time":1713874733276046,"flow_dst_last_pkt_time":1713874733275989,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1713874733276046,"pkt":"SKmKCiNtCAAnZaFTCABFAAAoYRRAAIAGAADAqFiruFYCwtisAbsu+PXcMIi4RFAQBAXUhgAA"}
01294{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":614,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":55,"flow_packet_id":4,"flow_src_last_pkt_time":1713874733276281,"flow_dst_last_pkt_time":1713874733275989,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":622,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":622,"pkt_l4_len":588,"thread_ts_usec":1713874733276281,"pkt":"SKmKCiNtCAAnZaFTCABFAAJgYRZAAIAGAADAqFiruFYCwtisAbsu+PXcMIi4RFAYBAXWvgAAFgMBAjMBAAIvAwM36gHQ8WJD1nEl8wiu1LqX\/jct7N70ybcAycpHJyRGviBLiHRDq3aFqg2CodnqrsXXF4RTmJo4z6On72ECHUJjZAAgiooTARMCEwPAK8AvwCzAMMypzKjAE8AUAJwAnQAvADUBAAHGGhoAAP8BAAEAAC0AAgEBABcAAAALAAIBAERpAAUAAwJoMgAbAAMCAAIAIwAAAAUABQEAAAAAABAADgAMAmgyCGh0dHAvMS4xAAoACgAIiooAHQAXABgAEgAA\/g0A+gAAAQAB6QAgikkjaMLn4qFX6CZIoAyBKDeRkwH+M+tclUeqJopmZVwA0K+2kHwBNMF5+kzhOcY51BnKsRXfeeuNDdCjKwUVDvzTCV\/N76H7KDb3T19A4Q+nWMkej3ifilmJbQUMqQPokmxQdqUZ1YJqFq8TqENfz7iVn1Rz737Q7DaaB0FfQm7dSico1zdg105P115swwMhHZP+\/Otlvs5MKFpcae8iFD0mNA2lZQW6FJN7mjesIpN0tGMtcqJJ3miAWpfYrB+WzIHnj5U7eLuONZMWUdXjaoMnWals0AfPokLuu0nxuEcHra2da11HxywfjHXqpMsTDtgADQASABAEAwgEBAEFAwgFBQEIBgYBAAAAFQATAAAQc3RjLmlxaXlpcGljLmNvbQAzACsAKYqKAAEAAB0AIA6JmKmQY52DGDMLSrlUQAPjRLERtj0oC6x1Giau13lMACsABwbKygMEAwOqqgABAA=="}
01226{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":614,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":55,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1713874733252417,"flow_src_last_pkt_time":1713874733276281,"flow_dst_last_pkt_time":1713874733275989,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":568,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":568,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1713874733276281,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"184.86.2.194","src_port":55468,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.iQIYI","proto_id":"91.54","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"stc.iqiyipic.com","domainame":"stc.iqiyipic.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1516h2_8daaf6152771_02713d6af862","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2","blocks":0}}}
00535{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":615,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":55,"flow_packet_id":5,"flow_src_last_pkt_time":1713874733276281,"flow_dst_last_pkt_time":1713874733299535,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1713874733299535,"pkt":"CAAnZaFTSKmKCiNtCABFIAAonKFAADkG0KK4VgLCwKhYqwG72KwwiLhELvj4FFAQAfXvMQAAAAC7f6Mm"}
01271{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":616,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":55,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1713874733252417,"flow_src_last_pkt_time":1713874733276281,"flow_dst_last_pkt_time":1713874733301391,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":568,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":568,"flow_dst_tot_l4_payload_len":1440,"midstream":0,"thread_ts_usec":1713874733301391,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"184.86.2.194","src_port":55468,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.iQIYI","proto_id":"91.54","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"stc.iqiyipic.com","domainame":"stc.iqiyipic.com","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d1516h2_8daaf6152771_02713d6af862","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2","blocks":0}}}
00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":617,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":56,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1713874733301391,"flow_src_last_pkt_time":1713874733301391,"flow_dst_last_pkt_time":1713874733301391,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1713874733301391,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"124.237.225.21","src_port":55280,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":617,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":56,"flow_packet_id":1,"flow_src_last_pkt_time":1713874733301391,"flow_dst_last_pkt_time":1713874733301391,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1713874733301391,"pkt":"SKmKCiNtCAAnZaFTCABFAAA082pAAIAGAADAqFirfO3hFdfwAbtZPhTDAAAAAIAC+vB3fQAAAgQFtAEDAwgBAQQC"}
00544{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":618,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":56,"flow_packet_id":2,"flow_src_last_pkt_time":1713874733301391,"flow_dst_last_pkt_time":1713874733301391,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1713874733301391,"pkt":"CAAnZaFTSKmKCiNtCABFAAA082pAACMG7QJ87eEVwKhYqwG71\/DaowzrWT4UxIASAADKiQAAAgQFoAEBAQEBAQQC"}
00527{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":619,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":56,"flow_packet_id":3,"flow_src_last_pkt_time":1713874733301391,"flow_dst_last_pkt_time":1713874733301391,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1713874733301391,"pkt":"SKmKCiNtCAAnZaFTCABFAAAo821AAIAGAADAqFirfO3hFdfwAbtZPhTE2qMM7FAQ+vB3cQAA"}
00536{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":620,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":56,"flow_packet_id":4,"flow_src_last_pkt_time":1713874733301391,"flow_dst_last_pkt_time":1713874733301391,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1713874733301391,"pkt":"CAAnZaFTSKmKCiNtCABFAAAoAABAAB8G5Hl87eEVwKhYqwG71\/DaowzsWT4UxFAQchCXLwAAAAC4rSnN"}
01223{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":621,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":56,"flow_packet_id":5,"flow_src_last_pkt_time":1713874733301391,"flow_dst_last_pkt_time":1713874733301391,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":571,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":571,"pkt_l4_len":537,"thread_ts_usec":1713874733301391,"pkt":"SKmKCiNtCAAnZaFTCABFAAIt83BAAIAGAADAqFirfO3hFdfwAbtZPhTE2qMM7FAY+vB5dgAAFgMBAgABAAH8AwOIpKghAoSOaTaFoeBYjD3rLLK+NCTh\/t3u4RBRMm9E9SAP56TXe27tMCuYsX+aAFTPfEDmkjRD2z326rjYGLLWOgA+EwITAxMBwCzAMACfzKnMqMyqwCvALwCewCTAKABrwCPAJwBnwArAFAA5wAnAEwAzAJ0AnAA9ADwANQAvAP8BAAF1AAAADwANAAAKbXNnLnF5Lm5ldAALAAQDAAECAAoADAAKAB0AFwAeABkAGDN0AAAAEAAOAAwCaDIIaHR0cC8xLjEAFgAAABcAAAAxAAAADQAwAC4EAwUDBgMIBwgICAkICggLCAQIBQgGBAEFAQYBAwMCAwMBAgEDAgICBAIFAgYCACsACQgDBAMDAwIDAQAtAAIBAQAzACYAJAAdACDUrccmEudYZZ43Reuocc+i9aZ760vNpyG3eiujXzrJYQAVALMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01223{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":621,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":56,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":1713874733301391,"flow_src_last_pkt_time":1713874733301391,"flow_dst_last_pkt_time":1713874733301391,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1713874733301391,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"124.237.225.21","src_port":55280,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.iQIYI","proto_id":"91.54","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"msg.qy.net","domainame":"msg.qy.net","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d3113h2_e8f1e7e78f70_1b3407e2c936","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","blocks":0}}}
01268{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":623,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":56,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":4,"flow_first_seen":1713874733301391,"flow_src_last_pkt_time":1713874733301391,"flow_dst_last_pkt_time":1713874733301391,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1440,"midstream":0,"thread_ts_usec":1713874733301391,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"124.237.225.21","src_port":55280,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.iQIYI","proto_id":"91.54","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming","hostname":"msg.qy.net","domainame":"msg.qy.net","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d3113h2_e8f1e7e78f70_1b3407e2c936","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2,TLSv1.1,TLSv1","blocks":0}}}
00958{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":53,"flow_state":"info","flow_src_packets_processed":10,"flow_dst_packets_processed":10,"flow_first_seen":1708962497309716,"flow_src_last_pkt_time":1708962497495798,"flow_dst_last_pkt_time":1708962497540736,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":839,"flow_dst_max_l4_payload_len":2170,"flow_src_tot_l4_payload_len":1416,"flow_dst_tot_l4_payload_len":2875,"midstream":0,"thread_ts_usec":1713874733301391,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"5.61.23.30","src_port":46174,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":624,"packets-processed":623,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":287611,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":52,"total-detection-updates":55,"total-updates":1,"current-active-flows":3,"total-active-flows":56,"total-idle-flows":53,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":483,"global_ts_usec":1713890981649495}
00779{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1713890981649495,"flow_src_last_pkt_time":1713890981649495,"flow_dst_last_pkt_time":1713890981649495,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1713890981649495,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"54.208.106.218","src_port":49217,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":57,"flow_packet_id":1,"flow_src_last_pkt_time":1713890981649495,"flow_dst_last_pkt_time":1713890981649495,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1713890981649495,"pkt":"SKmKCiNtCAAnZaFTCABFAAA0W3JAAIAGAADAqFirNtBq2sBBAbtizhVCAAAAAIAC+vC7JAAAAgQFtAEDAwgBAQQC"}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":625,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":57,"flow_packet_id":2,"flow_src_last_pkt_time":1713890981649495,"flow_dst_last_pkt_time":1713890981788412,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1713890981788412,"pkt":"CAAnZaFTSKmKCiNtCABFAAA0AABAAO0G0sU20GrawKhYqwG7wEEwlJewYs4VQ4ASaQNIwAAAAgQFoAEBBAIBAwMI"}
00527{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":626,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":57,"flow_packet_id":3,"flow_src_last_pkt_time":1713890981788451,"flow_dst_last_pkt_time":1713890981788412,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1713890981788451,"pkt":"SKmKCiNtCAAnZaFTCABFAAAoW3NAAIAGAADAqFirNtBq2sBBAbtizhVDMJSXsVAQBAW7GAAA"}
01225{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":627,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":57,"flow_packet_id":4,"flow_src_last_pkt_time":1713890981788767,"flow_dst_last_pkt_time":1713890981788412,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":571,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":571,"pkt_l4_len":537,"thread_ts_usec":1713890981788767,"pkt":"SKmKCiNtCAAnZaFTCABFAAItW3RAAIAGAADAqFirNtBq2sBBAbtizhVDMJSXsVAYBAW9HQAAFgMBAgABAAH8AwNYJQnyv+kG3\/zovTj7qX9XJh4oLXDFJswU162ES1iswCCPdRwOOCh8\/xhvx4nk4BJ16rOyYghIu+Q8WQ1leY6BQQAg2toTARMCEwPAK8AvwCzAMMypzKjAE8AUAJwAnQAvADUBAAGTGhoAAAAAACIAIAAAHW1lZXQyNzA4Mzc0Mi5hZG9iZWNvbm5lY3QuY29tABcAAP8BAAEAAAoACgAICgoAHQAXABgACwACAQAAIwAAABAADgAMAmgyCGh0dHAvMS4xAAUABQEAAAAAAA0AEgAQBAMIBAQBBQMIBQUBCAYGAQASAAAAMwArACkKCgABAAAdACBN42mECH\/OsFhIIzl2ttCUwK0fnCzxZkD4ZqYsf84lAgAtAAIBAQArAAcGCgoDBAMDABsAAwIAAkRpAAUAAwJoMoqKAAEAABUAugAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01268{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":627,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1713890981649495,"flow_src_last_pkt_time":1713890981788767,"flow_dst_last_pkt_time":1713890981788412,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1713890981788767,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"54.208.106.218","src_port":49217,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.AdobeConnect","proto_id":"91.59","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":26,"category":"Video","hostname":"meet27083742.adobeconnect.com","domainame":"meet27083742.adobeconnect.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1516h2_8daaf6152771_e5627efa2ab1","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2","blocks":0}}}
00535{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":628,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":57,"flow_packet_id":5,"flow_src_last_pkt_time":1713890981788767,"flow_dst_last_pkt_time":1713890981927880,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1713890981927880,"pkt":"CAAnZaFTSKmKCiNtCABFAAAouuxAAO0GF+U20GrawKhYqwG7wEEwlJexYs4XSFAQAG7wDwAAAABCWvWq"}
01313{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":629,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1713890981649495,"flow_src_last_pkt_time":1713890981788767,"flow_dst_last_pkt_time":1713890981928323,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1440,"midstream":0,"thread_ts_usec":1713890981928323,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"54.208.106.218","src_port":49217,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.AdobeConnect","proto_id":"91.59","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":26,"category":"Video","hostname":"meet27083742.adobeconnect.com","domainame":"meet27083742.adobeconnect.com","tls": {"version":"TLSv1.3","ja3s":"f4febc55ea12b31ae17cfb7e614afda8","ja4":"t13d1516h2_8daaf6152771_e5627efa2ab1","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2","blocks":0}}}
00977{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":630,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":54,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1713874727209515,"flow_src_last_pkt_time":1713874727498785,"flow_dst_last_pkt_time":1713874727797620,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1440,"midstream":0,"thread_ts_usec":1713890981928323,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"116.211.202.129","src_port":55272,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.iQIYI","proto_id":"91.54","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming"}}
00974{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":630,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":55,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1713874733252417,"flow_src_last_pkt_time":1713874733276281,"flow_dst_last_pkt_time":1713874733301391,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":568,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":568,"flow_dst_tot_l4_payload_len":1440,"midstream":0,"thread_ts_usec":1713890981928323,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"184.86.2.194","src_port":55468,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.iQIYI","proto_id":"91.54","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming"}}
00976{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":630,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":56,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":4,"flow_first_seen":1713874733301391,"flow_src_last_pkt_time":1713874733301391,"flow_dst_last_pkt_time":1713874733301391,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1440,"midstream":0,"thread_ts_usec":1713890981928323,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"124.237.225.21","src_port":55280,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.iQIYI","proto_id":"91.54","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":17,"category":"Streaming"}}
00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":630,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":630,"packets-processed":629,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":289568,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":53,"total-detection-updates":56,"total-updates":1,"current-active-flows":1,"total-active-flows":57,"total-idle-flows":56,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":495,"global_ts_usec":1714854984089683}
00776{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":630,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":58,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1714854984089683,"flow_src_last_pkt_time":1714854984089683,"flow_dst_last_pkt_time":1714854984089683,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1714854984089683,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"3.136.49.254","src_port":50142,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":630,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":58,"flow_packet_id":1,"flow_src_last_pkt_time":1714854984089683,"flow_dst_last_pkt_time":1714854984089683,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1714854984089683,"pkt":"ILAB4IZiNObXAhsnCABFAAA8\/VBAAEAGRUjAqAH1A4gx\/sPeAbv5QqzqAAAAAKAC+vD4UQAAAgQFtAQCCApwdY9LAAAAAAEDAwc="}
00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":631,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":58,"flow_packet_id":2,"flow_src_last_pkt_time":1714854984089683,"flow_dst_last_pkt_time":1714854984207475,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1714854984207475,"pkt":"NObXAhsnILAB4IZiCABFAAA8AABAAOkGmZgDiDH+wKgB9QG7w95OABkI+UKs66ASaN8GPQAAAgQFtAQCCAoKEgQMcHWPSwEDAwg="}
00546{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":632,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":58,"flow_packet_id":3,"flow_src_last_pkt_time":1714854984207530,"flow_dst_last_pkt_time":1714854984207475,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1714854984207530,"pkt":"ILAB4IZiNObXAhsnCABFAAA0\/VFAAEAGRU\/AqAH1A4gx\/sPeAbv5QqzrTgAZCYAQAfb4SQAAAQEICnB1j8AKEgQM"}
01436{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":633,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":58,"flow_packet_id":4,"flow_src_last_pkt_time":1714854984209200,"flow_dst_last_pkt_time":1714854984207475,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":722,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":722,"pkt_l4_len":688,"thread_ts_usec":1714854984209200,"pkt":"ILAB4IZiNObXAhsnCABFAALE\/VJAAEAGQr7AqAH1A4gx\/sPeAbv5QqzrTgAZCYAYAfb62QAAAQEICnB1j8IKEgQMFgMBAosBAAKHAwOM4CjTVIpAuGe4FgpI+FPD5Ii2bAsYD+blLuEs+tvBdSDmxu7BFZ\/fl\/62zNYeFmksEJhOusXd7NK35cby7MeI\/QAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAhwAAAANAAsAAAhic2t5LmFwcAAXAAD\/AQABAAAKAA4ADAAdABcAGAAZAQABAQALAAIBAAAjAAAAEAAOAAwCaDIIaHR0cC8xLjEABQAFAQAAAAAAIgAKAAgEAwUDBgMCAwAzAGsAaQAdACD5wYr3ry\/P654CBZq1HHZFv8s1qSOxxy7aLmDeYtMAIgAXAEEEwFsY7qYe2EwUlltWbosudjwkqxcNudHhv\/Tb\/I4mlocfHIg8UFXYELwZSvzYAL0fTe8++olbJFLmjcTOy1llXQArAAUEAwQDAwANABgAFgQDBQMGAwgECAUIBgQBBQEGAQIDAgEALQACAQEAHAACQAH+DQEZAAABAAHCACBkHcYxtOIsDzO7bYvJGF70ZbDQiPTwVGuUSds8OGq4LwDvX\/vd7gY+Xar+eLDa1olYv5NluNvkSlBuXh4Dt8d9b3fiHZ2FNM98equEbvxX7qiFrfpfrwXVhExMwU+4l9H0WuBXiLJ4bsYEAeizIpkPe2ofZXWaoT2Oe3HL6zRlwYynegy\/4fu\/CbLzb09ZHYqRR2upZcCK5eLn7H416+qyqGeg85bFY4KCiqCMM1W42YGI\/m2Qu7KhfZ+fa4r3KBYYCejrXk1mZDAgK1oWSz8vLRnmHXLHCQFTz9Qurqa9YXtQgiIreihXpSx7v+QENwhshE000whgaQIN1YH0wH7l7UK\/8GzTAgOKkPfZ+Ne0ZrQ="}
01212{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":633,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":58,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1714854984089683,"flow_src_last_pkt_time":1714854984209200,"flow_dst_last_pkt_time":1714854984207475,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":656,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":656,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1714854984209200,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"3.136.49.254","src_port":50142,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Bluesky","proto_id":"91.411","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"bsky.app","domainame":"bsky.app","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00545{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":634,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":58,"flow_packet_id":5,"flow_src_last_pkt_time":1714854984209200,"flow_dst_last_pkt_time":1714854984327006,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1714854984327006,"pkt":"NObXAhsnILAB4IZiCABFAAA0GW5AAOkGgDIDiDH+wKgB9QG7w95OABkJ+UKve4AQAG6Z\/QAAAQEICgoSBINwdY\/C"}
01257{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":635,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":58,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1714854984089683,"flow_src_last_pkt_time":1714854984209200,"flow_dst_last_pkt_time":1714854984327006,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":656,"flow_dst_max_l4_payload_len":4344,"flow_src_tot_l4_payload_len":656,"flow_dst_tot_l4_payload_len":4344,"midstream":0,"thread_ts_usec":1714854984327006,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"3.136.49.254","src_port":50142,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Bluesky","proto_id":"91.411","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"bsky.app","domainame":"bsky.app","tls": {"version":"TLSv1.3","ja3s":"f4febc55ea12b31ae17cfb7e614afda8","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00775{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":637,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":59,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1714854988939343,"flow_src_last_pkt_time":1714854988939343,"flow_dst_last_pkt_time":1714854988939343,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1714854988939343,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"44.218.3.81","src_port":55362,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":637,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":59,"flow_packet_id":1,"flow_src_last_pkt_time":1714854988939343,"flow_dst_last_pkt_time":1714854988939343,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1714854988939343,"pkt":"ILAB4IZiNObXAhsnCABFAAA8RWNAAEAGApHAqAH1LNoDUdhCAbtRjP2\/AAAAAKAC+vDy9gAAAgQFtAQCCArFdlPyAAAAAAEDAwc="}
00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":638,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":59,"flow_packet_id":2,"flow_src_last_pkt_time":1714854988939343,"flow_dst_last_pkt_time":1714854989035518,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1714854989035518,"pkt":"NObXAhsnILAB4IZiCABFAAA8AABAAO4GmfMs2gNRwKgB9QG72ELQOtrOUYz9wKASaN90GAAAAgQFtAQCCApcyi2nxXZT8gEDAwg="}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":639,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":59,"flow_packet_id":3,"flow_src_last_pkt_time":1714854989035570,"flow_dst_last_pkt_time":1714854989035518,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1714854989035570,"pkt":"ILAB4IZiNObXAhsnCABFAAA0RWRAAEAGApjAqAH1LNoDUdhCAbtRjP3A0Draz4AQAfby7gAAAQEICsV2VFJcyi2n"}
01433{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":640,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":59,"flow_packet_id":4,"flow_src_last_pkt_time":1714854989037367,"flow_dst_last_pkt_time":1714854989035518,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":725,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":725,"pkt_l4_len":691,"thread_ts_usec":1714854989037367,"pkt":"ILAB4IZiNObXAhsnCABFAALHRWVAAEAGAATAqAH1LNoDUdhCAbtRjP3A0Draz4AYAfb1gQAAAQEICsV2VFRcyi2nFgMBAo4BAAKKAwNz+rqLmPTZUTcjeGZOtZjQKymonWlon\/tFKwPwnrJzgiDNx4EMpJhxwvkclPpI\/ZVlkLlh\/mfPbmmu2dzMahyPEQAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAh8AAAAQAA4AAAtic2t5LnNvY2lhbAAXAAD\/AQABAAAKAA4ADAAdABcAGAAZAQABAQALAAIBAAAjAAAAEAAOAAwCaDIIaHR0cC8xLjEABQAFAQAAAAAAIgAKAAgEAwUDBgMCAwAzAGsAaQAdACCpIZxHQL33HscVPtnfOLqUoN46my5B\/Bx0i4y+5moEEgAXAEEEn58IKqfTLT54L9SlCrrNAOVBv2ReCc5sOzwkClTXGHHN52Yha1qLi6ue8SpwziBeDtx3FjVho8jfWXELtLxsZQArAAUEAwQDAwANABgAFgQDBQMGAwgECAUIBgQBBQEGAQIDAgEALQACAQEAHAACQAH+DQEZAAABAAPKACDAArcTJ1rrBj0C14tyOasFGCAOUYY9VEv9prMz\/gWtmwDvMa0lwavgH0cPPTd0cKH1K4i5tntaeFDoVlLNYmA+oOHE5MrK9jxcJSAFF1d09GqGqHspqUHK9k2qIGuX3j8iKlYE1BpfOO22FqbkQdGzCQtB0RguiARx+VjynKvYjM9STwoHDvG6n2LYbLCTTA76iwkNoaZdKvUl5oVN2\/ccVwcnVUpSJyuwTmiKosMZ2fQs+HZJPG7wFdE3SU4UxXZ+pjZk2xrlMuHMTzFvm6jIbWUt8pVQxmIzM7aPKaf16xlwTaycCAQr4hc1HPYYvGC4k3tIZs8qplIfPIkRVe7qGhfN4Jx0kM5mG3FUNAT5vP0="}
01217{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":640,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":59,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1714854988939343,"flow_src_last_pkt_time":1714854989037367,"flow_dst_last_pkt_time":1714854989035518,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":659,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":659,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1714854989037367,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"44.218.3.81","src_port":55362,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Bluesky","proto_id":"91.411","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"bsky.social","domainame":"bsky.social","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00544{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":641,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":59,"flow_packet_id":5,"flow_src_last_pkt_time":1714854989037367,"flow_dst_last_pkt_time":1714854989133216,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1714854989133216,"pkt":"NObXAhsnILAB4IZiCABFAAA0Et1AAO4Ghx4s2gNRwKgB9QG72ELQOtrPUY0AU4AQAG8H\/wAAAQEIClzKLgnFdlRU"}
01262{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":642,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":59,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1714854988939343,"flow_src_last_pkt_time":1714854989037367,"flow_dst_last_pkt_time":1714854989133315,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":659,"flow_dst_max_l4_payload_len":4344,"flow_src_tot_l4_payload_len":659,"flow_dst_tot_l4_payload_len":4344,"midstream":0,"thread_ts_usec":1714854989133315,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"44.218.3.81","src_port":55362,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Bluesky","proto_id":"91.411","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"bsky.social","domainame":"bsky.social","tls": {"version":"TLSv1.3","ja3s":"f4febc55ea12b31ae17cfb7e614afda8","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":644,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":60,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1714854993342168,"flow_src_last_pkt_time":1714854993342168,"flow_dst_last_pkt_time":1714854993342168,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1714854993342168,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"15.204.197.32","src_port":33212,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":644,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":60,"flow_packet_id":1,"flow_src_last_pkt_time":1714854993342168,"flow_dst_last_pkt_time":1714854993342168,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1714854993342168,"pkt":"ILAB4IZiNObXAhsnCABFAAA8cT1AAEAGMfXAqAH1D8zFIIG8AbuPxXDPAAAAAKAC+vCXuAAAAgQFtAQCCAoWM3riAAAAAAEDAwc="}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":645,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":60,"flow_packet_id":2,"flow_src_last_pkt_time":1714854993342168,"flow_dst_last_pkt_time":1714854993436846,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1714854993436846,"pkt":"NObXAhsnILAB4IZiCABFAAA8AABAADAGszIPzMUgwKgB9QG7gbykxf7Ij8Vw0KAS\/ojL5gAAAgQFtAQCCApeZc7fFjN64gEDAwc="}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":646,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":60,"flow_packet_id":3,"flow_src_last_pkt_time":1714854993436891,"flow_dst_last_pkt_time":1714854993436846,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1714854993436891,"pkt":"ILAB4IZiNObXAhsnCABFAAA0cT5AAEAGMfzAqAH1D8zFIIG8AbuPxXDQpMX+yYAQAfaXsAAAAQEIChYze0FeZc7f"}
01462{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":647,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":60,"flow_packet_id":4,"flow_src_last_pkt_time":1714854993438910,"flow_dst_last_pkt_time":1714854993436846,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":745,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":745,"pkt_l4_len":711,"thread_ts_usec":1714854993438910,"pkt":"ILAB4IZiNObXAhsnCABFAALbcT9AAEAGL1TAqAH1D8zFIIG8AbuPxXDQpMX+yYAYAfaaVwAAAQEIChYze0NeZc7fFgMBAqIBAAKeAwMzierlUq4Ky1l25rnee2MgF9aZiWvQtqPJJJx1PmqPySCNFgDlN+XvuhOJbygGgeQEG\/GKE35OBKdwlDCl403cpQAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEAAjMAAAAkACIAAB9lbm9raS51cy1lYXN0Lmhvc3QuYnNreS5uZXR3b3JrABcAAP8BAAEAAAoADgAMAB0AFwAYABkBAAEBAAsAAgEAACMAAAAQAA4ADAJoMghodHRwLzEuMQAFAAUBAAAAAAAiAAoACAQDBQMGAwIDADMAawBpAB0AIK46EBJGpI7YS8+47xPV6PJ7B98xD6ICj2uBq56HkGhYABcAQQRjUGR2lF49eB8SPV4dro6ZFFKPAH5UTPyTpbKDqBRXs481IvKmk667rFNg5A1BCXb3W+YZh\/oFtu5wy2Cg5NQaACsABQQDBAMDAA0AGAAWBAMFAwYDCAQIBQgGBAEFAQYBAgMCAQAtAAIBAQAcAAJAAf4NARkAAAEAA7sAIOskgdCii5OEFv0mYAVV\/MADdwIYc456KbuTpmi6VbFmAO8g6CCARdMkCpUZ\/LTzjcXudivgs5yKTPtd9wixQa25Xdnz2aKPnrVXC2EQjOnteBiwUiv4y5j\/4EZewVmS7WtrCIE24IJdOt9FV\/Vow460zdtaTA5xoGkeY5PaJgINnXMbnJylUWadJcq40ifHaQnLNhO+TXDQqnVAy5VTZmBAMJNg7x2NM6HJ82ck3Kup9qREYFZvzZyKYJBOGhnmVvPig9CifEYjj1Iz54ai40CgJ+77cB3sQ5QssBYTr+dqkRIo1E+lFxvPylhHJlJ\/IrP\/KDkU2xW8Xj+Z2uQbKgGT8IjKfS7U4P2i1v5x1mEaQw=="}
01255{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":647,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":60,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1714854993342168,"flow_src_last_pkt_time":1714854993438910,"flow_dst_last_pkt_time":1714854993436846,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":679,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":679,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1714854993438910,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"15.204.197.32","src_port":33212,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Bluesky","proto_id":"91.411","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"enoki.us-east.host.bsky.network","domainame":"enoki.us-east.host.bsky.network","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
04471{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":648,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":60,"flow_packet_id":5,"flow_src_last_pkt_time":1714854993438910,"flow_dst_last_pkt_time":1714854993534151,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":2962,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":2962,"pkt_l4_len":2928,"thread_ts_usec":1714854993534151,"pkt":"NObXAhsnILAB4IZiCABFAAuEfQNAADAGKucPzMUgwKgB9QG7gbykxf7Jj8Vzd4AYAfijAAAAAQEICl5lz0AWM3tDFgMDAHoCAAB2AwMqmi5Whmv7FO5Y61Gs0lXMBhlY2PXWaAg4XJD3BdhCzCCNFgDlN+XvuhOJbygGgeQEG\/GKE35OBKdwlDCl403cpRMCAAAuACsAAgMEADMAJAAdACCpZ1Nq3tX06CICpn5aopjml6DP\/qYehZGJhxDC9IxWaRQDAwABARcDAwAkwKf4iMzrBmAPR5sm4UlS+c4Zzu4otSIvX9a2C+2teRyjmTMgFwMDCkrQ5jGpeJkHlhPuVfnIV2oPNbs\/ymV9rUL8gY1qyM5FcblARFI+h6RkfCvSEjjskg\/kMQcSmecXIdVuVsfcXfaNLkKRTcoMd90erzxmdwirz5awGutCA3ZZHTD3+6IJwCwBYLrv1UnSM67YEuwj2g+oBlC9CyYRTHjdvcc4tAHn3c9JNjkXUMJYOHPOK9cXOUl8iSolkBKyaeMebQhMcqGtRFQ3zo8BdB2HCTV2DWaO\/mEPMHUBad8Tf6LcEKTrCz6iVgL1Q9NmFHU0LkIA2Pv308InOrafkIZ56wkb6sNUG0IK4X6vIH35RwGvZBmwVjHFiF4F9D+oVy+4hROzKL8mQKw+et2KkZkflySXY+uEYtPMGfXacKRRR+8a\/yU1lMSlx+ngGRgZPujGDuYPK2H2AvkJ21sVe8LzGPjOUBAvJbm0GbTMLBZ5jtxzfGQxGZiZ\/M\/bOYIPWmDg+ATQ89i69qWqmHiWBG1SnTw22s3Ne8EbxfVWHO2wzJaYtdKQYh8ti\/weL+MfD6YfxxEBnX92eP0TJg8Sq5ktUfAY0RP\/Q1ZP\/MuDETSijfqkHEJMziY\/5EnWvv9GDiAsUbRaza1VuXUety0Aa\/YL9fMKxjPlpi5fgJwCDkENRjl+63TcuV6aBXnaqamEmXv2\/ZoBleDOVpV3F1OgsCb4TBCxUgGBCSK43vHiigN46heF8oX4cDFETdqX28xjlZwMt9IFgf1TNCIWS+o9GcX+zVWWi5Uh7oZH4m+rSDNdx+Jma9JiNN\/+bWn\/cjczKe94YgMYCtKjqOp6WqS8xl8Dda6x3iWiAxr6QdlazZPj3OWYRydSOMFH2qoGezEbTv2vTRrx68z6iUerfKTI4lS2+4bnEKiRrwKZUMV0guazsWlDa7QOmC1UBFBb2XxZFilifSMg5dzLZ5IJ\/C9kBOVVPKPIE0Rg+wYvqMYyuf\/4eSQlUF4THR4SHPza4TVFXBmkeqTiX8oolUv5jfOFZsUq74yOymwf9tXrIyA\/I+njJYDbCh6VZkRTWEDd4Yg708GnbM57dWPLEpb7YJcgp33iGYfZp+sqNczdyb94r58S9c+idRHcqEJfux6HiGD3tWKL7pa+gWPs92RCA3fmPeAWhUlTJ4kKl9qvuPwPBYd+9KVqJgYf5ydZwIh\/u3sqsSQJRyrwoeskF9Fa81tFnqfJiDF7gXhfQroCT2oauGluvYqeVQKyL6f53LZLK3As5aRfFq\/KL6\/IF4EvW3wL49e2Uy5FeRk+1DZzfkW7+NEKRQRio3VHB4HS1PzDbQ\/EiHrASUBmt6\/DVCSkuhJWFgnSg6zv7dqsBSfY6gRhscxkFP0VWOBEULa\/GGhOd28LvPvRg9GFR3HGj6oyDFfN7vqlXoH9RKgFSc\/AndL9hgJFBy6GjN2\/dVtE5a\/djjn+IlXVTccTI7JX6xJdYQvxu8Xv\/aCTsrafhG+MTYUNNvwNrllCt1XE9oaWMpwP1SoDbkkt2GAlwlonpyBihp7pkS6bm75aJnL7TE0ZEcYfeGZ\/8GJAP+zMPOEr8eIJ3epXKryJHykJhmgv7db0UHwfc4oX2fUb9ixV3RIXKvuwG6CVEwluIkXgmicd1Pw6kPPNL8+4y45EDReT5IBHQQu5rfGfOGggMlViuupYgi3ss05I5DpJULXl1EKZKhaWHh6Hgti+mggbai55CZTFJtz6xG\/mapCOcS7tawnIv7OORZ\/KGPhSoeSzrfJ2jU62gU9qSijoj55nWQseFCMicOezUdb69+wTS\/dlYi9yHFpijnYusdhwevdkeO6YmnjVJrcQhpe6PPRnz5Jf+Y3ebVpLhIsJ35IWjCeWxVGzNT4qI9DY73VVPwGMWsN5snXbKiOchDZ1I7cUQDymWf9\/AcG6PKDC1qFhPGFkIwAZXG4MZz0G4C9Rj+ManSrHAE5fZBJ5z6NxhW3DR89m6VlddXn\/5H+gt9H\/mtUin3oV0VdBPJfjVkZBxy+ns02mOBneI\/Xpvl3UW4uTKzrwAR6D7IrzMlRgURRiCSZEgDbEEn1txQvqjiR0W4jAd4WtSM3IGZ9\/5mNbO37LXc\/CWvTkKvmSd2Af07ih4Er3RizWRsm8u4O3dmm7rpr2KE0kXJNcjJJ817QeqpOXgqLX7hbiOorXRG\/+ZgwF6AFgRTf2mKwdmTNM2tv7PM93WmEfSm9j9F+fgUwHxmJjAtMxPwN04SQL50mHPm\/FcFhqCYwfAneDV4trNHOcbuEpgwXBspHXnARsdcbA0HWUTjUTF2hf1DghnyftsBbA3L5xfpD0bmv\/O60AXrhqm8qVK2ZEvZFhUjmcVecpdXl3OhWnTbWylUhNpoXthEVrO+rcsQCevw0OLVKCYHg6bd\/ginVaOaVncDbOOHCDPpKIAhpUBPtzl5FU4Upadrtr6W5sIlyiVA40bafrzd2WfLnoZL1MDN7fH6ZOqOod1bmc1E0JrR5ZjP4m4tHePJfdfQG\/F7MLBzVjSQ0\/Z5o4X2a5BbvHZvaHDvyYB1A7nLac+VRrwNEs9GAi+LtbzUVwWI2EvvWw8En4+9SVDlMjz4vWw5ZHWbVVYi3RNtnEc2EOYouUQxsDy9X7t\/R1UT3VjozdeH0M8AEKGMt3FABEIFGXAN+LpcoArPdhpHnoAOL000yS5uplPBRgIV2soye1edc0rO4ihLwIi3GmbAk4r2yGYOLS1jtmSBMCweA1py7TCbNULwqGG91vTpALMVtkb0f\/X\/\/x5zm1Uc6e3u9\/9I25akIjPHZVVPdk7CiYfvHhipAnpBdP0yfRB3RpD09gxTI86ti6r9NSPTXqpCa7Hkk2XobCHF7HjYPi71\/gfAbST3TtYOOZA8NQwaVGh1AySfXOTkbFw5zJ0+s4G3o3\/saMiRTY4nVwxfWOt+aODouCSHFEVqSgTF5tNg+LgBX0zTJPqL9C4RtXfYCUyeXjha9r4ELWf8CMHfFaG0mp7eOtzfNFl9MoCykSeanOaoK4gY8cLbfKT5xdje27ZSDRxveE6US1zF9DV+Yqf9pdJW\/leRyayCqXPdTtHhoz\/BvMsFoE3qArEBoXhdGg8IhbHq0W5N0Ajk8hWC7B2HQXJGEMFDYSz+q3nak2ecQxQ3Lp3uoeyABXlMk7oww0oiqYJF7jV2+TZKcslT+jRz6SL+xW3d7XIe\/oeiNnrwo+mFzQVqal4PxhfIth+6plxuMGo3h7BfWV7WMbG0qLN2HyDDiEP7Y5QXm8dQa8TUy5TIrqPoc7zM9YUrSnBcEkdp3d78biqBNhVnng98+ZHvq6TPo\/SUykIvgVYwctyjKt5EOFfcxSmpG1ikmjMoYAKYH\/op1mn54u3Vntx4XoQmJ0DD1mU1D8Wuf3f0tqAQZBYDGb7O050PUC52FfZQNC+m2BSFuQ+7ys3mm+9mtFkNbyBxQwddr5yAAqc+k7sANJRYrpDIbkCZgdVH5BsNt385bpVingDBzdeGjhixGyn7Pn+GxmckdvAMhsERRc0TtbJipiOWNybJ1Cy8ukLvEdTzEXAwMBGXycNlQy1\/4fjmDO4jX3JNk0IeWUne+NHRFH3bARsnozEpAwGgukgRYknvO4E5iGOk6SpqQ2KAWFYqNOU8ByXCGT4CXkqD2Ixn0v1Sm8Jw=="}
01300{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":648,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":60,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":1714854993342168,"flow_src_last_pkt_time":1714854993438910,"flow_dst_last_pkt_time":1714854993534151,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":679,"flow_dst_max_l4_payload_len":2896,"flow_src_tot_l4_payload_len":679,"flow_dst_tot_l4_payload_len":2896,"midstream":0,"thread_ts_usec":1714854993534151,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"15.204.197.32","src_port":33212,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Bluesky","proto_id":"91.411","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"enoki.us-east.host.bsky.network","domainame":"enoki.us-east.host.bsky.network","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00990{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":650,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":57,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1713890981649495,"flow_src_last_pkt_time":1713890981788767,"flow_dst_last_pkt_time":1713890981928323,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1440,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1440,"midstream":0,"thread_ts_usec":1714854993534195,"l3_proto":"ip4","src_ip":"192.168.88.171","dst_ip":"54.208.106.218","src_port":49217,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.AdobeConnect","proto_id":"91.59","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Acceptable","category_id":26,"category":"Video"}}
00805{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":650,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1714855508634175,"flow_src_last_pkt_time":1714855508634175,"flow_dst_last_pkt_time":1714855508634175,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1714855508634175,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:6ea5:ab52:9230:ba5","dst_ip":"2a04:4e42:c00::347","src_port":35968,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00585{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":650,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":61,"flow_packet_id":1,"flow_src_last_pkt_time":1714855508634175,"flow_dst_last_pkt_time":1714855508634175,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":94,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":94,"pkt_l4_len":40,"thread_ts_usec":1714855508634175,"pkt":"ILAB4IZiNObXAhsnht1gAza5ACgGQCABCwcKPcESbqWrUpIwC6UqBE5CDAAAAAAAAAAAAANHjIABu8lYr1sAAAAAoAL\/KDXhAAACBAWMBAIICkOABtUAAAAAAQMDBw=="}
00587{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":651,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":61,"flow_packet_id":2,"flow_src_last_pkt_time":1714855508634175,"flow_dst_last_pkt_time":1714855508637050,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":94,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":94,"pkt_l4_len":40,"thread_ts_usec":1714855508637050,"pkt":"NObXAhsnILAB4IZiht1gA1LzACgGOyoETkIMAAAAAAAAAAAAA0cgAQsHCj3BEm6lq1KSMAulAbuMgH1JAY\/JWK9coBL\/\/wG3AAACBATEBAIICiSfHLdDgAbVAQMDCQ=="}
00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":652,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":61,"flow_packet_id":3,"flow_src_last_pkt_time":1714855508637095,"flow_dst_last_pkt_time":1714855508637050,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":86,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":86,"pkt_l4_len":32,"thread_ts_usec":1714855508637095,"pkt":"ILAB4IZiNObXAhsnht1gAza5ACAGQCABCwcKPcESbqWrUpIwC6UqBE5CDAAAAAAAAAAAAANHjIABu8lYr1x9SQGQgBAB\/zXZAAABAQgKQ4AG2CSfHLc="}
01465{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":653,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":61,"flow_packet_id":4,"flow_src_last_pkt_time":1714855508638270,"flow_dst_last_pkt_time":1714855508637050,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":749,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":749,"pkt_l4_len":695,"thread_ts_usec":1714855508638270,"pkt":"ILAB4IZiNObXAhsnht1gAza5ArcGQCABCwcKPcESbqWrUpIwC6UqBE5CDAAAAAAAAAAAAANHjIABu8lYr1x9SQGQgBgB\/zhwAAABAQgKQ4AG2SSfHLcWAwECkgEAAo4DA5K+4poTIGZbFxQbxtz3GB3ORtUS0TDo2BSx\/f62oS8PIOyqjCY5Wb8aMUVgJgL5ES78Qhcp+ioS6v6vrKpgATA\/ACITARMDEwLAK8AvzKnMqMAswDDACsAJwBPAFACcAJ0ALwA1AQACIwAAABQAEgAAD21hc3RvZG9uLnNvY2lhbAAXAAD\/AQABAAAKAA4ADAAdABcAGAAZAQABAQALAAIBAAAjAAAAEAAOAAwCaDIIaHR0cC8xLjEABQAFAQAAAAAAIgAKAAgEAwUDBgMCAwAzAGsAaQAdACAU7+9zuWKunu65iWFoQz3SZkQxmvLy8oMB2YLyW+zTJQAXAEEEwWRpKiKf5k6F597IWbPdlt2kKlwez6WKSSO5Dl7AuEu6DfRxB3CuETML0nfG00VNmhkPxeAuWH+sH3Rsbgoy3QArAAUEAwQDAwANABgAFgQDBQMGAwgECAUIBgQBBQEGAQIDAgEALQACAQEAHAACQAH+DQEZAAABAAH5ACDYq1Ww1dhCdNF+ryPD3LhZNxHFsFDJaw6Ga9JCX0yhLwDvOJdvhalIL2Ld1sgFWmnOp1HGPzMQk5MhKDiJyn5Vv09eNeUpJHkRNINxjFM6rq2HtiFLW0IZuhLQjekI+4blc+D2HhDE2At0bloIDQzgM06vedLYR9xsO94SZclqV+L5zGBbKf3pzk2jXxmU1tJuQSnUNNKIZ5Djk0SkA+LZEgwWvFcVt6ZLbhxxg5Vq0\/RPx5vzBFY44Pni1idn\/c37TxGXpC9wVnFH8hrR3g5uysaC7eV2kJziFH19q4jEBajL4AswFYTu44mDds0kR1IxGqWXxDZg2uoqzqB5QondkJt8xo49n7+FIFak8gLd4YI="}
01252{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":653,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1714855508634175,"flow_src_last_pkt_time":1714855508638270,"flow_dst_last_pkt_time":1714855508637050,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":663,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":663,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1714855508638270,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:6ea5:ab52:9230:ba5","dst_ip":"2a04:4e42:c00::347","src_port":35968,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Mastodon","proto_id":"91.412","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"mastodon.social","domainame":"mastodon.social","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00572{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":654,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":61,"flow_packet_id":5,"flow_src_last_pkt_time":1714855508638270,"flow_dst_last_pkt_time":1714855508641708,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":86,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":86,"pkt_l4_len":32,"thread_ts_usec":1714855508641708,"pkt":"NObXAhsnILAB4IZiht1gA1LzACAGOyoETkIMAAAAAAAAAAAAA0cgAQsHCj3BEm6lq1KSMAulAbuMgH1JAZDJWLHzgBABBivwAAABAQgKJJ8cu0OABtk="}
01297{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":655,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1714855508634175,"flow_src_last_pkt_time":1714855508638270,"flow_dst_last_pkt_time":1714855508643170,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":663,"flow_dst_max_l4_payload_len":3624,"flow_src_tot_l4_payload_len":663,"flow_dst_tot_l4_payload_len":3624,"midstream":0,"thread_ts_usec":1714855508643170,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:6ea5:ab52:9230:ba5","dst_ip":"2a04:4e42:c00::347","src_port":35968,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Mastodon","proto_id":"91.412","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"mastodon.social","domainame":"mastodon.social","tls": {"version":"TLSv1.3","ja3s":"f4febc55ea12b31ae17cfb7e614afda8","ja4":"t13d1715h2_5b57614c22b0_5c2c66f702b0","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":656,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":656,"packets-processed":655,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":307433,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":57,"total-detection-updates":60,"total-updates":1,"current-active-flows":4,"total-active-flows":61,"total-idle-flows":57,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":529,"global_ts_usec":1714855626875150}
00828{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":656,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":62,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1714855626875150,"flow_src_last_pkt_time":1714855626875150,"flow_dst_last_pkt_time":1714855626875150,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1337,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1337,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1337,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1714855626875150,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:6ea5:ab52:9230:ba5","dst_ip":"2a03:2880:f208:c4:face:b00c::43fe","src_port":41590,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
02349{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":656,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":62,"flow_packet_id":1,"flow_src_last_pkt_time":1714855626875150,"flow_dst_last_pkt_time":1714855626875150,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1399,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":1399,"pkt_l4_len":1345,"thread_ts_usec":1714855626875150,"pkt":"ILAB4IZiNObXAhsnht1gAqQwBUERQCABCwcKPcESbqWrUpIwC6UqAyiA8ggAxPrOsAwAAEP+onYBuwVB56HPAAAAAQntgqIw4+DzXG8DDjV4AEKHhuUnnf7aCsqjJ6n9uzsKazMDl36U3lgejMwMjFcChCo2U\/4egl84ETgP50PyNnQWj7l2NNX\/opJ2P6uWw+PhENIBM8sJ\/NgHq0VgbJtgDw3uez8\/MAaZE\/cl1TB\/c8CQyzdHNaaSDYGOAQWweSfIzAvWDP9hbdYh07ywhlGFuog+32Prts5MQG1WwihrPli5ULgVB865Pxdl4W\/uWX4tIEsaOq9yIUZikgtiIN\/lJ2MxWV87IMALL\/0xAnAY+oVEWruI8jd5eyEWek8DNQV53lL5nQuMu3yl1yA6PxDnzcfqiin+FXddHI3Mc15ugeOrDFLl92\/b0O83dAMS4WrgPl6nBxxv\/os70fJ9pN09aByi3MJajU7WYJifrAL5gbjNCl6HGQPh3w5kIYjMAE+4ea\/yJs9k52ITu9vwsi79PJSiXFX618uK+2jw5tOOXQVOK\/udu505vNAfkQffevVF6JBDr5h3rBgRTW6GUmAIrbPzYR6AeXyxXeTosExy8waiPa+\/8j8wNeFh42rj8mEVgdp+mvgDsoP3vBpzghC3upVNf1PnkwrL\/8puXPkr4Bs+DlC8FdJKSu5haPhdqgqXK6sKSAQTtauSV\/p4szNlL6\/UPMWULqzYXXFmG\/yqneMUt6G0Z0JzxovHx85dvQR8drgQOvo8Mp\/SUgwTb2wa0eNMwq+SynOrpUTF+jxGyaNjewWA0nnY5XakI9XBaWhGxqOjRxflsIsIxNN98VUMvRFu3Yl23bEq70Q5NVqtiOoM\/g3mm6bnNnKcPqiZlCAeS3sItwr1C6TXBPxOkaO3AMYujWFGytVr8mplzr07A9ONMULDElcuPUhzBm0DoR5ecEkv0t3rHXoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="}
01288{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":656,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":62,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1714855626875150,"flow_src_last_pkt_time":1714855626875150,"flow_dst_last_pkt_time":1714855626875150,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1337,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1337,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1337,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1714855626875150,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:6ea5:ab52:9230:ba5","dst_ip":"2a03:2880:f208:c4:face:b00c::43fe","src_port":41590,"dst_port":443,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"QUIC.Threads","proto_id":"188.413","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"www.threads.net","domainame":"www.threads.net","quic": {"quic_version":"V-1","tls": {"version":"TLSv1.3","ja3s":"","ja4":"q13d0314h0_55b375c5d22e_61e396c58b1f","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h3","tls_supported_versions":"TLSv1.3","blocks":0}}}}
00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":657,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":657,"packets-processed":656,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":308770,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":58,"total-detection-updates":60,"total-updates":1,"current-active-flows":5,"total-active-flows":62,"total-idle-flows":57,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":533,"global_ts_usec":1722431353907697}
00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":657,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":63,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1722431353907697,"flow_src_last_pkt_time":1722431353907697,"flow_dst_last_pkt_time":1722431353907697,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1722431353907697,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"104.16.156.111","src_port":58624,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00555{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":657,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":63,"flow_packet_id":1,"flow_src_last_pkt_time":1722431353907697,"flow_dst_last_pkt_time":1722431353907697,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1722431353907697,"pkt":"ILAB4IZiNObXAhsnCABFAAA8zQxAAEAGppLAqAH1aBCcb+UAAbvi6sc0AAAAAKAC+vDHSwAAAgQFtAQCCAoCIa4cAAAAAAEDAwc="}
00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":658,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":63,"flow_packet_id":2,"flow_src_last_pkt_time":1722431353907697,"flow_dst_last_pkt_time":1722431353928918,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1722431353928918,"pkt":"NObXAhsnILAB4IZiCABFAAA8AABAADkGep9oEJxvwKgB9QG75QChV1Qc4urHNaAS\/\/\/CaQAAAgQFeAQCCArZVK68AiGuHAEDAw0="}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":659,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":63,"flow_packet_id":3,"flow_src_last_pkt_time":1722431353928951,"flow_dst_last_pkt_time":1722431353928918,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1722431353928951,"pkt":"ILAB4IZiNObXAhsnCABFAAA0zQ1AAEAGppnAqAH1aBCcb+UAAbvi6sc1oVdUHYAQAfbHQwAAAQEICgIhrjHZVK68"}
02104{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":660,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":63,"flow_packet_id":4,"flow_src_last_pkt_time":1722431353929964,"flow_dst_last_pkt_time":1722431353928918,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1219,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1219,"pkt_l4_len":1185,"thread_ts_usec":1722431353929964,"pkt":"ILAB4IZiNObXAhsnCABFAAS1zQ5AAEAGohfAqAH1aBCcb+UAAbvi6sc1oVdUHYAYAfbLxAAAAQEICgIhrjLZVK68FgMBBHwBAAR4AwO0Vd+Hjqs6YLDUky4dttDTr7X6Ho8JWhuwTTI8oXBtmyAOY0LJVwI8nEwgs+H+tIRXBru102JrxeCQ3Q9L7FzJZAAiEwETAxMCwCvAL8ypzKjALMAwwArACcATwBQAnACdAC8ANQEABA0AAAATABEAAA5zMS5ub3JkY2RuLmNvbQAXAAD\/AQABAAAKAA4ADAAdABcAGAAZAQABAQALAAIBAAAQAA4ADAJoMghodHRwLzEuMQAFAAUBAAAAAAAiAAoACAQDBQMGAwIDADMAawBpAB0AIC14LwJvMp4sIaUVuH5Os6Rb\/VsxaIfFJv6bDS4\/qK42ABcAQQRUald3japIeUZqz4zFvZovMYuE+qdvgqaFFvAp+\/LNhYtWtBo6b1Dw1HsWe+26pYa7XfluvSHmCsGv44lAqHtEACsABQQDBAMDAA0AGAAWBAMFAwYDCAQIBQgGBAEFAQYBAgMCAQAtAAIBAQAcAAJAAf4NAhkAAAEAAU8AIPE3IdPdc+dypWyWA\/Lpql\/nw\/ySSqfhgLjxaaaoUpoCAe9M5T\/BeomAUf+Gnu5qjEcJwbW1SCBsnJdmqquZH5t7KrRqyHIlVII5ajydOx76bFPG7gzi5P+6tVrOiYYXyQazMzOI55pGxKDmdsNQ0K+XajOSQHCzOWK0snmQ8MgZEV7RFcJoolH09ISB9SuoAplh9ZEwEpclSzF07fa+UY2xRbIdASoVm0Jp4slrwo\/yCjRXaymhW6bBhpUbwvHy6+Qk23yNfiNP4IzmV417+pOsW3blQgFlRpjUvd69MH2WAbbO8cPZEX0MJ9H1JikxVPVXnkEpXAx+OoJ8TWYmGIcyG8+1qi4mxmRYmkgeE2E03ReyURMo6R12dfNb\/P4x8++S3M0bJqNkAO4BoRxTrYRXeybS4ngL66uokonF8jGFhO4fzK5vsFlfy0OQ4vlXTTLU+rjuzeKVZqYYn85kc96g3ywRTepinr0gSIEG4e3jwtxij6Sjj+xyHc00QR8d1Lbe20pp994QREUQEC5nLzLLdFl8he79aSXVCeVdKC8d4ytvdRitnaQ2eHuARdeYEdMeS29xpox2FzgOoyDmyv+N5FXHQCZ9a4eaRiw8LK3Rbwm16my8L7sPuE82mM9Ejsivh\/jUSe0cRGogey3X7E0KkuTKKmB7foSxOpY9wXqL8V+nccjEi7ThdHfCe4StGFMAKQDrAMYAwCYZbRMJdtvQeIzAnwhO+SrQLD5v0nL0D46s1oouM33AmwRF52FK\/tJznmo88TLCmzefNFiitUGNjD1O7v1iXh5EFHo0JIVSrxp1ry9DILsARKFkED5IAjGJ1MUB2JIcQyxxX\/GBW+od2qteYUHuvbMK4Z5NiVUGxqjcx5zP1bdMpKocWIxp0KSC0V3z\/\/nPFzLL5yQbe1SDa+CCUpm+4jol0AW29fh1VBkK0P+vJ+gRzCanACU2hwzSznKAprodMg6GMIoAISCifLc1oTd7kgvu0IhNuHd6Y6bfVcioqUv6XUJbI0NYow=="}
01226{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":660,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":63,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1722431353907697,"flow_src_last_pkt_time":1722431353929964,"flow_dst_last_pkt_time":1722431353928918,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1153,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1153,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1722431353929964,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"104.16.156.111","src_port":58624,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.NordVPN","proto_id":"91.426","proto_by_ip":"Cloudflare","proto_by_ip_id":220,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN","hostname":"s1.nordcdn.com","domainame":"s1.nordcdn.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1715h2_5b57614c22b0_7121afd63204","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":661,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":63,"flow_packet_id":5,"flow_src_last_pkt_time":1722431353929964,"flow_dst_last_pkt_time":1722431353950981,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1722431353950981,"pkt":"NObXAhsnILAB4IZiCABFAAA0oRBAADkG2ZZoEJxvwKgB9QG75QChV1Qd4urLtoAQAAbsTAAAAQEICtlUrtICIa4y"}
01269{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":662,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":63,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1722431353907697,"flow_src_last_pkt_time":1722431353929964,"flow_dst_last_pkt_time":1722431353952901,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1153,"flow_dst_max_l4_payload_len":287,"flow_src_tot_l4_payload_len":1153,"flow_dst_tot_l4_payload_len":287,"midstream":0,"thread_ts_usec":1722431353952901,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"104.16.156.111","src_port":58624,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.NordVPN","proto_id":"91.426","proto_by_ip":"Cloudflare","proto_by_ip_id":220,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN","hostname":"s1.nordcdn.com","domainame":"s1.nordcdn.com","tls": {"version":"TLSv1.3","ja3s":"2b0648ab686ee45e0e7c35fcfb0eea7e","ja4":"t13d1715h2_5b57614c22b0_7121afd63204","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"TLSv1.3,TLSv1.2","blocks":0}}}
01059{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":679,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":62,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1714855626875150,"flow_src_last_pkt_time":1714855626875150,"flow_dst_last_pkt_time":1714855626875150,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":1337,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1337,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1337,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1722431354035876,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:6ea5:ab52:9230:ba5","dst_ip":"2a03:2880:f208:c4:face:b00c::43fe","src_port":41590,"dst_port":443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"QUIC.Threads","proto_id":"188.413","proto_by_ip":"Facebook","proto_by_ip_id":119,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork","hostname":"www.threads.net"}}
01009{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":679,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":61,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1714855508634175,"flow_src_last_pkt_time":1714855508638270,"flow_dst_last_pkt_time":1714855508643170,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":663,"flow_dst_max_l4_payload_len":3624,"flow_src_tot_l4_payload_len":663,"flow_dst_tot_l4_payload_len":3624,"midstream":0,"thread_ts_usec":1722431354035876,"l3_proto":"ip6","src_ip":"2001:b07:a3d:c112:6ea5:ab52:9230:ba5","dst_ip":"2a04:4e42:c00::347","src_port":35968,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Mastodon","proto_id":"91.412","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork"}}
00982{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":679,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":59,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":3,"flow_first_seen":1714854988939343,"flow_src_last_pkt_time":1714854989133340,"flow_dst_last_pkt_time":1714854989133315,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":659,"flow_dst_max_l4_payload_len":4344,"flow_src_tot_l4_payload_len":659,"flow_dst_tot_l4_payload_len":4344,"midstream":0,"thread_ts_usec":1722431354035876,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"44.218.3.81","src_port":55362,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Bluesky","proto_id":"91.411","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork"}}
00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":679,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":58,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":3,"flow_first_seen":1714854984089683,"flow_src_last_pkt_time":1714854984327058,"flow_dst_last_pkt_time":1714854984327006,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":656,"flow_dst_max_l4_payload_len":4344,"flow_src_tot_l4_payload_len":656,"flow_dst_tot_l4_payload_len":4344,"midstream":0,"thread_ts_usec":1722431354035876,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"3.136.49.254","src_port":50142,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Bluesky","proto_id":"91.411","proto_by_ip":"AmazonAWS","proto_by_ip_id":265,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork"}}
00980{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":679,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":60,"flow_state":"info","flow_src_packets_processed":4,"flow_dst_packets_processed":2,"flow_first_seen":1714854993342168,"flow_src_last_pkt_time":1714854993534195,"flow_dst_last_pkt_time":1714854993534151,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":679,"flow_dst_max_l4_payload_len":2896,"flow_src_tot_l4_payload_len":679,"flow_dst_tot_l4_payload_len":2896,"midstream":0,"thread_ts_usec":1722431354035876,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"15.204.197.32","src_port":33212,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.Bluesky","proto_id":"91.411","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":6,"category":"SocialNetwork"}}
00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":679,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":679,"packets-processed":678,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":317899,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":59,"total-detection-updates":61,"total-updates":1,"current-active-flows":1,"total-active-flows":63,"total-idle-flows":62,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":547,"global_ts_usec":1722540110191305}
00777{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":679,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1722540110191305,"flow_src_last_pkt_time":1722540110191305,"flow_dst_last_pkt_time":1722540110191305,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1722540110191305,"l3_proto":"ip4","src_ip":"192.168.1.183","dst_ip":"146.70.182.51","src_port":44102,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00556{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":679,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":64,"flow_packet_id":1,"flow_src_last_pkt_time":1722540110191305,"flow_dst_last_pkt_time":1722540110191305,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1722540110191305,"pkt":"ILAB4IZiCAAn\/ADWCABFAAA8BCdAAEAGK7zAqAG3kka2M6xGAbuT6uEmAAAAAKAC+vALCAAAAgQFtAQCCAq7v5eGAAAAAAEDAwc="}
00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":680,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":64,"flow_packet_id":2,"flow_src_last_pkt_time":1722540110191305,"flow_dst_last_pkt_time":1722540110194850,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":1722540110194850,"pkt":"CAAn\/ADWILAB4IZiCABFAAA8AABAADgGN+OSRrYzwKgBtwG7rEboU0P1k+rhJ6AS\/ogVTwAAAgQFtAQCCAoNiXkPu7+XhgEDAwo="}
00545{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":681,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":64,"flow_packet_id":3,"flow_src_last_pkt_time":1722540110194916,"flow_dst_last_pkt_time":1722540110194850,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1722540110194916,"pkt":"ILAB4IZiCAAn\/ADWCABFAAA0BChAAEAGK8PAqAG3kka2M6xGAbuT6uEn6FND9oAQAfYLAAAAAQEICru\/l4oNiXkP"}
03193{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":682,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":64,"flow_packet_id":4,"flow_src_last_pkt_time":1722540110195491,"flow_dst_last_pkt_time":1722540110194850,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":2022,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":2022,"pkt_l4_len":1988,"thread_ts_usec":1722540110195491,"pkt":"ILAB4IZiCAAn\/ADWCABFAAfYBClAAEAGJB7AqAG3kka2M6xGAbuT6uEn6FND9oAYAfYSpAAAAQEICru\/l4sNiXkPFgMBB58BAAebAwOMyJKUrIxCPHqn2VISH\/tZfuZk1kdZoye2yoV7yWY\/wSBWT4QBxYoqp27ugRxpLd9QogW7lw6Q1GxheChWriBodQAgiooTARMCEwPAK8AvwCzAMMypzKjAE8AUAJwAnQAvADUBAAcyuroAAAAAACMAIQAAHml0LW1pbC12MDg2LnByb2Quc3VyZnNoYXJrLmNvbURpAAUAAwJoMgAKAAwACvr6Y5kAHQAXABgALQACAQH+DQD6AAABAAEhACAyZ8WfdTOepDHDcv8u7AZsA3ufD9Tv4o3teKWxxv\/EMADQafpU5EHwlqUmTBY7YYYXjignCOwjDanc8afJW0Vfz9TvS9Y6le9sOuXAD8soda2n7n\/v48URL9ooTFA38XzUnGbWWxIbIyiK6zPkwGlHWW2oEAI5UIi39SJ1WgdycX7xaH0kfR+AwnQwCXj0uaAYcZMpsrUf+Tlki1O9SDLm\/MQY2jwh8V\/GlM8uC6xDVgd9d8SzKuPP\/sSnRyGBbfbvCjS4JsL+hSJXlM7GksS+OkwYiGeVI3k5bdkvaiBkBZKA2DFkNscu8X8ECxMyks+zaQAXAAAAMwTvBO36+gABAGOZBMBepLOv0L1A+CYI4wqfhKxmeOnU6\/43T\/93jZmmID12ait1B5GBdodZIxoYvR1Bt1ZiFHv5qBkoJKDseiRwzqhJWjeCZg46Z\/+aHFoxjmP3ix+rsJGSBsaAj97JrP+Kx3jFLv2ZqDa0Q4LzneSJW\/rIOnQTwePHouWzILhTTXf7iTRMT8HyC6BqG4wBGYz7Pi4RKeOVGB52aJeJUxMzODmKJfWUZcKVuC0mE1vxcjTFc91WvS1KQFshPHBRFSIzXii1BlQcrFnbJy1SgetIOB01cWxRfOc3bNKTeFAqeWpkiTFWMrZVCOZ6X\/G7y\/t3DKdUbDXSrps5z\/JKK3N0c8uKYTqZxXNryAKJAf1CczhniESLIy8ArLprLrxwOaCSsWgIqQDmA3ZUY\/Nqq4dbAEPDLJm8iNVYrZ2VKWmUrrWjH2z6narhOnSQuNKHDbShLkaSvsIUv8oMHBicec2kYoEqnyDlp8erz6bcAR4VECFnWUGESIsLVsz7AKDnBowjR0PRA3e0JIZVsXicubX2OO5VJ1RGikXch6EBqshVc2koT\/Z8YUY1kl8LM2sVx7NXTPC7V8gVV4MTmPJamhuSaz7Bik+zk4rGBF6EF5xBbZi1qg6sKfOmYsuGgjnCZigFV5DqBSIKCV7cJHAIuyistjbKkUzwUq6GlqgjIxGMdntoW7qJt2CBXVZzxl0UQvrFPcKQi\/NhCzLxur\/mA8UoyYUxPOVjG4hTR2P8CcmsERIlM3VTfVyVM\/iZORh5dGGwaS0iEEQBoyH3c\/bCGK0oKsZllcr6uHQms5j8LjihTWkrk9AYuftiYpNWFCtjTV5nsDAGH2EslT20XOolySEAWOYwG9f5UjFMQDAblwpwxo1yuV7KlqjUwD7wyn2oMV+WvjERXXUEWnODz3wUm90SM\/j4DYPoP6wzqT41Be3pZEYwfaomL\/6zhb28md6gyo8ojj3YtPA2OpG0WfTUqoH3KTn2EVOIs4usJSYEPKB1EKGbF7CrnswrMOb8LfJAmPdlih9FzV3KgcVDG6nyfOk2H9qIaY85Ahd5ZZVWu2Dcifjxv4ZmxolDKm33XsEos26xVgFKVxMRFR7gxmfMXGGLYyP0A5+IiAWYPu73bCKsEvhWxCC4OoNReUr6C2SHqzXDixPbiFgTWS\/6O7s3ukpCB7\/SJauajcIjbvGyNqyhLxH5fe2xu4+qcjvCfoaboerbkRTxk6aJY3JlkyjUi7ozR0nMN7qCSBhGHd3RzwzxnR4RP6inl7bZAkVCCwOqS\/8BJUmkhdYLE2Tcu9ECVVQ8qtvFqZZVoeOSO3d6gIwDzfMbAi18OPA8o4EXm\/YZUVUAznvFxIbyxKGUdbJAU3Y1DDorWK1pESxQb8dsjubGvpSjSDJxXByUGK8AZZgKzYncMGNQAH4DWqLAjlV6AlZJedLZA8GZyy5zcT3LcM92d8L6aosZfUo3I17Vph5GJiFkxgZBYvKsYj58diybkaTqthUqzNtQpZJswkUpqCrBeeSqdpypY8vqKOXYfU9LxIayK7AWR\/OzWzOFDW1AYVTwtVRllBBnUL4WwzUaG1bpD27UcVIBjOKeFQDfNPBw9\/uosPBokaIzi\/4tYdPscMbtk8PCAB0AIOjNm82SsJEAb0nPpft6TrlEfiya99V9IL4Bv0DJ3fo6ABsAAwIAAgALAAIBAP8BAAEAACMAAAANABIAEAQDCAQEAQUDCAUFAQgGBgEAEAAOAAwCaDIIaHR0cC8xLjEAKwAHBioqAwQDAwASAAAABQAFAQAAAAD6+gABAAApAJQAbwBpS\/B8sRFReSJY3evikIXJLVWB2N5FI2eZCBOn28Z6vmWfcY7sQ\/2Wm8uwJxQXYOH35dhi8EU8OaPsjvT6DqZYnfKVwyYaZD4fU\/BF3uPC\/iTRdePBuKHWfBHkTXMz4KEbhZyqdLQj5HyVhPpMrwAhIH2rYZdG7aGyecIA1ap3pdjqpDcW3Q2iccgaP\/djtQ8L"}
01261{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":682,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1722540110191305,"flow_src_last_pkt_time":1722540110195491,"flow_dst_last_pkt_time":1722540110194850,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1956,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":1956,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1722540110195491,"l3_proto":"ip4","src_ip":"192.168.1.183","dst_ip":"146.70.182.51","src_port":44102,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.SurfShark","proto_id":"91.427","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN","hostname":"it-mil-v086.prod.surfshark.com","domainame":"it-mil-v086.prod.surfshark.com","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1517h2_8daaf6152771_b0da82dd1658","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2","blocks":0}}}
00544{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":683,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":64,"flow_packet_id":5,"flow_src_last_pkt_time":1722540110195491,"flow_dst_last_pkt_time":1722540110198684,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1722540110198684,"pkt":"CAAn\/ADWILAB4IZiCABFAAA0mz9AADgGnKuSRrYzwKgBtwG7rEboU0P2k+rmz4AQAD88twAAAQEICg2JeRO7v5eL"}
01304{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":685,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":4,"flow_first_seen":1722540110191305,"flow_src_last_pkt_time":1722540110195491,"flow_dst_last_pkt_time":1722540110198757,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1956,"flow_dst_max_l4_payload_len":384,"flow_src_tot_l4_payload_len":1956,"flow_dst_tot_l4_payload_len":384,"midstream":0,"thread_ts_usec":1722540110198757,"l3_proto":"ip4","src_ip":"192.168.1.183","dst_ip":"146.70.182.51","src_port":44102,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.SurfShark","proto_id":"91.427","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN","hostname":"it-mil-v086.prod.surfshark.com","domainame":"it-mil-v086.prod.surfshark.com","tls": {"version":"TLSv1.3","ja3s":"fcb2d4d0991292272fcb1e464eedfd43","ja4":"t13d1517h2_8daaf6152771_b0da82dd1658","unsafe_cipher":0,"cipher":"TLS_AES_128_GCM_SHA256","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2","blocks":0}}}
00987{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":700,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":63,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":11,"flow_first_seen":1722431353907697,"flow_src_last_pkt_time":1722431353994238,"flow_dst_last_pkt_time":1722431354035876,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1153,"flow_dst_max_l4_payload_len":2782,"flow_src_tot_l4_payload_len":1671,"flow_dst_tot_l4_payload_len":7458,"midstream":0,"thread_ts_usec":1722540110397706,"l3_proto":"ip4","src_ip":"192.168.1.245","dst_ip":"104.16.156.111","src_port":58624,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.NordVPN","proto_id":"91.426","proto_by_ip":"Cloudflare","proto_by_ip_id":220,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN"}}
00850{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":700,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":700,"packets-processed":699,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":329326,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":60,"total-detection-updates":62,"total-updates":1,"current-active-flows":1,"total-active-flows":64,"total-idle-flows":63,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":557,"global_ts_usec":1739618620340283}
00778{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":700,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":65,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1739618620340283,"flow_src_last_pkt_time":1739618620340283,"flow_dst_last_pkt_time":1739618620340283,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1739618620340283,"l3_proto":"ip4","src_ip":"192.168.88.98","dst_ip":"109.238.90.239","src_port":65086,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00547{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":700,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":65,"flow_packet_id":1,"flow_src_last_pkt_time":1739618620340283,"flow_dst_last_pkt_time":1739618620340283,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1739618620340283,"pkt":"LMgbpH+D6MgproQOCABFAAA0vNZAAIAGAADAqFhibe5a7\/4+AbvJAVcuAAAAAIAC\/\/\/iDgAAAgQFtAEDAwgBAQQC"}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":701,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":65,"flow_packet_id":2,"flow_src_last_pkt_time":1739618620340283,"flow_dst_last_pkt_time":1739618620345591,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":62,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":62,"pkt_l4_len":28,"thread_ts_usec":1739618620345591,"pkt":"6MgproQOLMgbpH+DCABFAAAwAABAADgGYOBt7lrvwKhYYgG7\/j4Jh6K5yQFXL3AS\/\/\/V5AAAAgQFggEDAwk="}
00529{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":702,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":65,"flow_packet_id":3,"flow_src_last_pkt_time":1739618620345623,"flow_dst_last_pkt_time":1739618620345591,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1739618620345623,"pkt":"LMgbpH+D6MgproQOCABFAAAovNdAAIAGAADAqFhibe5a7\/4+AbvJAVcvCYeiulAQAP\/iAgAA"}
01234{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":703,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":65,"flow_packet_id":4,"flow_src_last_pkt_time":1739618620345845,"flow_dst_last_pkt_time":1739618620345591,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":571,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":571,"pkt_l4_len":537,"thread_ts_usec":1739618620345845,"pkt":"LMgbpH+D6MgproQOCABFAAItvNhAAIAGAADAqFhibe5a7\/4+AbvJAVcvCYeiulAYAP\/kBwAAFgMBAgABAAH8AwON6sw\/Rto\/i\/aZRkS3HmMAPZjw0BkketO4oD8ZJq2w3CCkOfPvpJvvuPJAC\/OvFFmWNPugdNR7PBiQ3yLS+LGcxwAgqqoTARMCEwPAK8AvwCzAMMypzKjAE8AUAJwAnQAvADUBAAGTWloAAAAFAAUBAAAAAAAbAAMCAAIAFwAA\/wEAAQAACwACAQD+DQC6AAABAAErACDw8fE86qx7BKl33FvxSNpjKgBE6rAnf+Cc0KyLggQMawCQhx7S1QiTAL3+Fn+LxbJLGfJ2R86jzKD2tC4E\/SxmtSVOFR9DLm\/tOTvmsYcIXWE8IsGHUJUilN0o+YufoJ0oKDqjAgUu5A0T7etJWNFpPRseaorssHN4+WvaRj701\/\/nQGZKhIb44BY4MQoq6oPqV+Fb8\/TE1tHilUNmAtxmHh55m9XupTXV8oOnHqmXTc2+ABAADgAMAmgyCGh0dHAvMS4xACsABwba2gMEAwMAIwAAAC0AAgEBADMAKwApenoAAQAAHQAgVTPIW15AMu0kaA9GTtzilmgFZoTzCWAZljf+T98OkEcADQASABAEAwgEBAEFAwgFBQEIBgYBABIAAAAKAAoACHp6AB0AFwAYRM0ABQADAmgyAAAADgAMAAAJcnV0dWJlLnJ1uroAAQAAFQAQAAAAAAAAAAAAAAAAAAAAAA=="}
01210{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":703,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":65,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1739618620340283,"flow_src_last_pkt_time":1739618620345845,"flow_dst_last_pkt_time":1739618620345591,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1739618620345845,"l3_proto":"ip4","src_ip":"192.168.88.98","dst_ip":"109.238.90.239","src_port":65086,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.RUTUBE","proto_id":"91.443","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":1,"category":"Media","hostname":"rutube.ru","domainame":"rutube.ru","tls": {"version":"TLSv1.2","ja3s":"","ja4":"t13d1517h2_8daaf6152771_fca9c764716e","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2","blocks":0}}}
00538{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":704,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":65,"flow_packet_id":5,"flow_src_last_pkt_time":1739618620345845,"flow_dst_last_pkt_time":1739618620354780,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1739618620354780,"pkt":"6MgproQOLMgbpH+DCABFAAAo2DQAADgGyLNt7lrvwKhYYgG7\/j4Jh6K6yQFZNFAQf\/9\/ewAAc5IAAAAA"}
01255{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":705,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":65,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1739618620340283,"flow_src_last_pkt_time":1739618620345845,"flow_dst_last_pkt_time":1739618620354780,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":517,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":517,"flow_dst_tot_l4_payload_len":1460,"midstream":0,"thread_ts_usec":1739618620354780,"l3_proto":"ip4","src_ip":"192.168.88.98","dst_ip":"109.238.90.239","src_port":65086,"dst_port":443,"l4_proto":"tcp","ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.RUTUBE","proto_id":"91.443","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":1,"category":"Media","hostname":"rutube.ru","domainame":"rutube.ru","tls": {"version":"TLSv1.3","ja3s":"15af977ce25de452b96affa2addb1036","ja4":"t13d1517h2_8daaf6152771_fca9c764716e","unsafe_cipher":0,"cipher":"TLS_AES_256_GCM_SHA384","advertised_alpns":"h2,http\/1.1","tls_supported_versions":"GREASE,TLSv1.3,TLSv1.2","blocks":0}}}
02132{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":731,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":65,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":24,"flow_first_seen":1739618620340283,"flow_src_last_pkt_time":1739618620404970,"flow_dst_last_pkt_time":1739618620417846,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1991,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":2588,"flow_dst_tot_l4_payload_len":27471,"midstream":0,"thread_ts_usec":1739618620417846,"l3_proto":"ip4","src_ip":"192.168.88.98","dst_ip":"109.238.90.239","src_port":65086,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":0,"avg":4588.7,"max":39059,"stddev":9828.0,"var":96590432.0,"ent":2.8,"data": [5308,5340,222,9189,0,0,0,0,9037,1787,198,11102,0,0,9044,39024,0,0,0,0,0,0,0,0,0,39059,12940,0,0,0,0]},"pktlen": {"min":40,"avg":980.3,"max":2031,"stddev":674.0,"var":454340.0,"ent":4.5,"data": [52,48,40,557,46,1500,1500,1216,941,40,120,2031,46,327,327,40,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,40,1500,1500,1500,1500,1500]},"bins": {"c_to_s": [5,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1],"s_to_c": [3,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,17,0,0]},"directions": [0,1,0,0,1,1,1,1,1,0,0,0,1,1,1,0,1,1,1,1,1,1,1,1,1,1,0,1,1,1,1,1],"entropies": [4.500089169,4.951495171,4.671928406,6.625383854,4.670969009,7.831572533,7.875962734,7.855746269,7.747753143,4.671928406,6.160531998,7.902746677,4.714447498,7.261562824,7.307878971,4.671928406,7.903173923,7.858101368,7.873634338,7.895243168,7.859722137,7.886281967,7.878189087,7.856512547,7.879987717,7.880470276,4.671928406,7.873325348,7.872891426,7.877501011,7.861202240,7.865600586]},"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.RUTUBE","proto_id":"91.443","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":1,"category":"Media"}}
00983{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":793,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":64,"flow_state":"info","flow_src_packets_processed":11,"flow_dst_packets_processed":10,"flow_first_seen":1722540110191305,"flow_src_last_pkt_time":1722540110397706,"flow_dst_last_pkt_time":1722540110391236,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1956,"flow_dst_max_l4_payload_len":3460,"flow_src_tot_l4_payload_len":5083,"flow_dst_tot_l4_payload_len":6344,"midstream":0,"thread_ts_usec":1739618623913267,"l3_proto":"ip4","src_ip":"192.168.1.183","dst_ip":"146.70.182.51","src_port":44102,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.SurfShark","proto_id":"91.427","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Acceptable","category_id":2,"category":"VPN"}}
01004{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":798,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","flow_id":65,"flow_state":"finished","flow_src_packets_processed":24,"flow_dst_packets_processed":75,"flow_first_seen":1739618620340283,"flow_src_last_pkt_time":1739618653956061,"flow_dst_last_pkt_time":1739618653959838,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2230,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":14776,"flow_dst_tot_l4_payload_len":83996,"midstream":0,"thread_ts_usec":1739618653959838,"l3_proto":"ip4","src_ip":"192.168.88.98","dst_ip":"109.238.90.239","src_port":65086,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"TLS.RUTUBE","proto_id":"91.443","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Fun","category_id":1,"category":"Media","hostname":"rutube.ru"}}
00852{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":798,"source":"cfgs\/default\/pcap\/sites.pcapng","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.13.0-5173-c49d126","ndpi_api_version":11990,"size_per_flow":1400,"packets-captured":798,"packets-processed":798,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":428098,"total-not-detected-flows":0,"total-guessed-flows":4,"total-detected-flows":61,"total-detection-updates":63,"total-updates":1,"current-active-flows":0,"total-active-flows":65,"total-idle-flows":65,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":569,"global_ts_usec":1739618653959838}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 798/798
~~ skipped flows.............: 0
~~ total layer4 data length..: 428098 bytes
~~ total detected protocols..: 61
~~ total active/idle flows...: 65/65
~~ total timeout flows.......: 4
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ total memory allocated....: 9662001 bytes
~~ total memory freed........: 9662001 bytes
~~ total allocations/frees...: 147011/147011
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json message min len.......: 532 chars
~~ json message max len.......: 4476 chars
~~ json message avg len.......: 2504 chars