1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
|
DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..udp] [....1.173.5.226][22636] -> [..192.168.115.8][22793]
new: [.....2] [ip4][..udp] [..118.171.15.56][.5544] -> [..192.168.115.8][22793]
new: [.....3] [ip4][..udp] [..192.168.115.8][22793] -> [...114.42.0.158][.7716]
new: [.....4] [ip4][..udp] [..192.168.115.8][22793] -> [.222.197.138.12][.6956]
new: [.....5] [ip4][..udp] [..192.168.115.8][22793] -> [...202.198.7.89][16039]
new: [.....6] [ip4][..udp] [..192.168.115.8][22793] -> [.111.249.53.196][32443]
new: [.....7] [ip4][..udp] [..192.168.115.8][22793] -> [219.228.107.156][.1250]
analyse: [.....1] [ip4][..udp] [....1.173.5.226][22636] -> [..192.168.115.8][22793]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.014| 0.003| 0.004| 16.289| 3.700]
[PKTLEN......: 65.000| 1093.000| 386.200| 476.500| 227043.400| 4.000]
[BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,22,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,1,0,0,1,1,1,1,1,1,0,1,1,0,1,1,0,1,1,0,1,1,0,1,1,0,1,1,0,1,1]
[IATS(ms)....: 0.3,0.3,3.0,2.0,4.7,0.3,0.1,0.0,0.6,0.6,2.0,0.9,0.2,1.9,1.1,0.1,11.9,11.8,0.1,13.6,13.5,0.1,2.8,2.6,0.2,1.3,1.0,0.1,1.6,1.9,0.3]
[PKTLENS.....: 1093,65,65,1093,1093,65,65,65,65,65,65,1093,65,65,1093,65,65,1093,65,65,1093,65,65,1093,65,65,1093,65,65,1093,65,65]
[ENTROPIES...: 7.8,5.1,5.1,7.8,7.8,5.2,5.1,5.2,5.1,5.2,5.2,7.8,5.1,5.1,7.8,5.2,5.2,7.8,5.1,5.1,7.8,5.2,5.2,7.8,5.1,5.1,7.6,5.2,5.2,7.8,5.2,5.2]
not-detected: [.....1] [ip4][..udp] [....1.173.5.226][22636] -> [..192.168.115.8][22793] [Unknown][Unrated]
analyse: [.....3] [ip4][..udp] [..192.168.115.8][22793] -> [...114.42.0.158][.7716]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.013| 0.002| 0.004| 13.731| 3.800]
[PKTLEN......: 65.000| 1093.000| 386.200| 476.500| 227043.400| 4.000]
[BINS(c->s)..: 0,22,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0]
[IATS(ms)....: 0.3,12.6,12.6,0.2,1.1,0.9,0.1,1.6,1.5,0.2,2.1,1.8,0.3,0.7,0.6,0.3,1.7,1.1,0.1,3.6,5.8,0.4,11.9,9.1,0.1,1.2,1.4,0.1,1.5,1.1,0.1]
[PKTLENS.....: 65,65,1093,65,65,1093,65,65,1093,65,65,1093,65,65,1093,65,65,1093,65,65,1093,65,65,1093,65,65,1093,65,65,1093,65,65]
[ENTROPIES...: 5.1,5.1,7.8,5.2,5.2,7.7,5.0,5.0,7.8,5.2,5.2,7.8,5.1,5.1,7.8,5.1,5.1,7.8,5.1,5.1,7.8,5.1,5.1,7.8,5.1,5.1,7.8,5.2,5.2,7.8,5.2,5.2]
not-detected: [.....3] [ip4][..udp] [..192.168.115.8][22793] -> [...114.42.0.158][.7716] [Unknown][Unrated]
new: [.....8] [ip4][..udp] [.183.228.182.44][13913] -> [..192.168.115.8][22793]
analyse: [.....2] [ip4][..udp] [..118.171.15.56][.5544] -> [..192.168.115.8][22793]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.027| 0.009| 0.008| 71.240| 4.100]
[PKTLEN......: 65.000| 1093.000| 386.200| 476.500| 227043.400| 4.000]
[BINS(c->s)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,22,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,1,1,1,0,1,1,0,1,1,0,1,1,0,1,1,0,1,1,0,1,1,0,1,1,1,1,0,1,1,0]
[IATS(ms)....: 0.4,0.2,4.9,0.2,24.3,18.9,0.1,5.4,6.9,0.2,19.1,17.6,0.1,13.8,13.8,0.1,13.1,15.4,0.1,27.0,24.4,0.2,9.0,11.0,0.4,2.0,0.9,14.1,8.3,0.1,12.1]
[PKTLENS.....: 1093,65,65,65,65,1093,65,65,1093,65,65,1093,65,65,1093,65,65,1093,65,65,1093,65,65,1093,65,65,65,65,1093,65,65,1093]
[ENTROPIES...: 7.7,5.1,5.1,5.1,5.1,7.8,5.1,5.1,7.8,5.2,5.2,7.8,5.1,5.1,7.8,5.0,5.0,7.8,5.1,5.1,7.8,5.2,5.2,7.8,5.1,5.1,5.0,5.0,7.8,5.1,5.1,7.8]
not-detected: [.....2] [ip4][..udp] [..118.171.15.56][.5544] -> [..192.168.115.8][22793] [Unknown][Unrated]
new: [.....9] [ip4][..tcp] [..192.168.115.8][50462] -> [.202.108.14.236][...80] [MIDSTREAM]
new: [....10] [ip4][..tcp] [...192.168.5.15][65125] -> [.68.233.253.133][...80] [MIDSTREAM]
analyse: [.....7] [ip4][..udp] [..192.168.115.8][22793] -> [219.228.107.156][.1250]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.070| 0.024| 0.021| 457.568| 4.200]
[PKTLEN......: 65.000| 1093.000| 322.000| 445.100| 198147.000| 3.900]
[BINS(c->s)..: 0,24,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,1,0,0,1,0,0,0,0,1,0,0,1,0,0,0,0,1,0,0,1,0,0,0,0,1,0,0,1,0,0]
[IATS(ms)....: 0.4,29.9,29.7,0.1,32.0,32.8,0.3,45.7,0.3,69.6,23.0,0.1,42.0,41.6,0.1,36.0,0.3,59.5,23.0,0.1,31.8,32.2,0.3,44.4,0.3,68.3,22.7,0.2,30.9,30.8,0.2]
[PKTLENS.....: 65,65,1093,65,65,1093,65,65,65,65,1093,65,65,1093,65,65,65,65,1093,65,65,1093,65,65,65,65,1093,65,65,1093,65,65]
[ENTROPIES...: 5.1,5.1,7.8,5.2,5.2,7.8,5.2,5.2,5.2,5.2,7.8,5.3,5.3,7.8,5.1,5.1,5.1,5.1,7.8,5.2,5.2,7.8,5.2,5.2,5.2,5.2,7.8,5.1,5.1,7.8,4.9,4.9]
not-detected: [.....7] [ip4][..udp] [..192.168.115.8][22793] -> [219.228.107.156][.1250] [Unknown][Unrated]
new: [....11] [ip4][..udp] [..192.168.115.8][22793] -> [..218.61.39.103][17788]
new: [....12] [ip4][..udp] [..192.168.115.8][22793] -> [...210.44.171.1][29702]
new: [....13] [ip4][..udp] [..192.168.115.8][22793] -> [.111.250.102.66][.1107]
new: [....14] [ip4][..udp] [..192.168.115.8][22793] -> [..61.223.204.67][11102]
new: [....15] [ip4][..udp] [..192.168.115.8][22793] -> [..36.237.154.69][.4316]
new: [....16] [ip4][..udp] [..192.168.115.8][22793] -> [...36.233.39.81][18590]
new: [....17] [ip4][..udp] [..192.168.115.8][22793] -> [.111.117.101.81][10162]
new: [....18] [ip4][..udp] [..192.168.115.8][22793] -> [..61.227.170.88][20227]
new: [....19] [ip4][..udp] [..192.168.115.8][22793] -> [..202.112.31.89][29072]
new: [....20] [ip4][..udp] [..192.168.115.8][22793] -> [.121.248.133.93][12757]
new: [....21] [ip4][..udp] [..192.168.115.8][22793] -> [..1.175.128.104][.5185]
new: [....22] [ip4][..udp] [..192.168.115.8][22793] -> [.222.26.193.119][.7133]
new: [....23] [ip4][..udp] [..192.168.115.8][22793] -> [.114.37.142.173][.1074]
new: [....24] [ip4][..udp] [..192.168.115.8][22793] -> [..222.26.74.190][.1037]
new: [....25] [ip4][..udp] [..192.168.115.8][22793] -> [.115.157.62.243][29006]
new: [....26] [ip4][..udp] [..192.168.115.8][22793] -> [.210.44.232.243][21044]
new: [....27] [ip4][..udp] [..192.168.115.8][22793] -> [..1.169.136.116][17951]
new: [....28] [ip4][..udp] [..192.168.115.8][22793] -> [.114.41.144.153][10492]
new: [....29] [ip4][..udp] [..192.168.115.8][22793] -> [..183.61.167.82][17788]
new: [....30] [ip4][..udp] [..192.168.115.8][22793] -> [...210.47.12.19][33738]
new: [....31] [ip4][..udp] [..192.168.115.8][22793] -> [...210.47.12.20][33738]
new: [....32] [ip4][..udp] [..192.168.115.8][22793] -> [..114.47.91.129][22576]
new: [....33] [ip4][..udp] [..192.168.115.8][22793] -> [.220.130.154.23][35941]
new: [....34] [ip4][..udp] [..192.168.115.8][22793] -> [...218.61.39.87][17788]
new: [....35] [ip4][..udp] [..192.168.115.8][22793] -> [119.188.133.182][17788]
new: [....36] [ip4][..udp] [..192.168.115.8][22793] -> [.183.61.167.104][17788]
analyse: [.....4] [ip4][..udp] [..192.168.115.8][22793] -> [.222.197.138.12][.6956]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.108| 0.029| 0.031| 941.853| 4.000]
[PKTLEN......: 47.000| 1093.000| 289.300| 425.300| 180865.500| 3.800]
[BINS(c->s)..: 0,24,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,1,0,0,0,0,1,0,0,1,0,0,0,0,1,0,0,1,0,0,0,0,1,0,0,0,0,1,0,0,1]
[IATS(ms)....: 0.9,52.8,52.3,0.3,55.5,0.1,77.7,22.0,0.2,78.3,79.3,0.5,0.4,0.1,46.5,44.4,0.1,18.4,18.5,0.3,36.0,0.1,108.0,71.5,0.7,28.3,0.5,45.9,16.1,0.4,33.5]
[PKTLENS.....: 65,65,1093,65,65,65,65,1093,65,65,1093,65,65,65,65,1093,65,65,1093,65,65,65,65,1093,65,65,65,65,1093,65,65,47]
[ENTROPIES...: 5.3,5.3,7.8,5.3,5.3,5.3,5.3,7.8,5.2,5.2,7.8,5.0,5.0,5.1,5.1,7.8,5.2,5.2,7.7,5.1,5.1,5.1,5.1,7.8,5.1,5.1,5.1,5.1,7.8,5.1,5.1,4.9]
not-detected: [.....4] [ip4][..udp] [..192.168.115.8][22793] -> [.222.197.138.12][.6956] [Unknown][Unrated]
new: [....37] [ip4][..tcp] [..192.168.115.8][50463] -> [.101.227.200.11][...80] [MIDSTREAM]
detected: [....37] [ip4][..tcp] [..192.168.115.8][50463] -> [.101.227.200.11][...80] [HTTP.PPStream][Streaming][Fun][api.cupid.iqiyi.com]
new: [....38] [ip4][..tcp] [..192.168.115.8][50464] -> [.123.125.112.49][...80] [MIDSTREAM]
detected: [....38] [ip4][..tcp] [..192.168.115.8][50464] -> [.123.125.112.49][...80] [HTTP][Web][Acceptable][click.hm.baidu.com]
new: [....39] [ip4][..tcp] [..192.168.115.8][50466] -> [..203.66.182.24][...80] [MIDSTREAM]
detected: [....39] [ip4][..tcp] [..192.168.115.8][50466] -> [..203.66.182.24][...80] [HTTP.Google][Web][Acceptable][clients1.google.com]
new: [....40] [ip4][..tcp] [..192.168.115.8][50467] -> [.202.108.14.219][...80] [MIDSTREAM]
detected: [....40] [ip4][..tcp] [..192.168.115.8][50467] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....41] [ip4][..tcp] [..192.168.115.8][50469] -> [.202.108.14.219][...80] [MIDSTREAM]
detected: [....41] [ip4][..tcp] [..192.168.115.8][50469] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....42] [ip4][..tcp] [..192.168.115.8][50470] -> [.202.108.14.236][...80] [MIDSTREAM]
detected: [....42] [ip4][..tcp] [..192.168.115.8][50470] -> [.202.108.14.236][...80] [HTTP.PPStream][Streaming][Fun][msg.iqiyi.com]
new: [....43] [ip4][..tcp] [..192.168.115.8][50471] -> [.202.108.14.236][...80] [MIDSTREAM]
detected: [....43] [ip4][..tcp] [..192.168.115.8][50471] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....44] [ip4][..tcp] [..192.168.115.8][50474] -> [.202.108.14.221][...80] [MIDSTREAM]
detected: [....44] [ip4][..tcp] [..192.168.115.8][50474] -> [.202.108.14.221][...80] [HTTP.PPStream][Streaming][Fun][msg.iqiyi.com]
new: [....45] [ip4][..tcp] [..192.168.115.8][50475] -> [.202.108.14.236][...80] [MIDSTREAM]
detected: [....45] [ip4][..tcp] [..192.168.115.8][50475] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....46] [ip4][..tcp] [..192.168.115.8][50473] -> [.202.108.14.219][...80] [MIDSTREAM]
detected: [....46] [ip4][..tcp] [..192.168.115.8][50473] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....47] [ip4][..tcp] [..192.168.115.8][50476] -> [..101.227.32.39][...80] [MIDSTREAM]
detected: [....47] [ip4][..tcp] [..192.168.115.8][50476] -> [..101.227.32.39][...80] [HTTP.PPStream][Streaming][Fun][cache.video.iqiyi.com]
new: [....48] [ip4][..tcp] [..192.168.115.8][50477] -> [.202.108.14.219][...80] [MIDSTREAM]
detected: [....48] [ip4][..tcp] [..192.168.115.8][50477] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....49] [ip4][..tcp] [..117.79.81.135][...80] -> [..192.168.115.8][50443] [MIDSTREAM]
detected: [....49] [ip4][..tcp] [..117.79.81.135][...80] -> [..192.168.115.8][50443] [HTTP][Web][Acceptable][]
new: [....50] [ip4][..tcp] [..192.168.115.8][50482] -> [.140.205.243.64][...80] [MIDSTREAM]
detected: [....50] [ip4][..tcp] [..192.168.115.8][50482] -> [.140.205.243.64][...80] [HTTP][Web][Acceptable][cmc.tanx.com]
new: [....51] [ip4][..tcp] [..192.168.115.8][50483] -> [.202.108.14.219][...80] [MIDSTREAM]
detected: [....51] [ip4][..tcp] [..192.168.115.8][50483] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....52] [ip4][..tcp] [..192.168.115.8][50484] -> [.202.108.14.219][...80] [MIDSTREAM]
detected: [....52] [ip4][..tcp] [..192.168.115.8][50484] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....53] [ip4][..tcp] [..192.168.115.8][50485] -> [.202.108.14.236][...80] [MIDSTREAM]
detected: [....53] [ip4][..tcp] [..192.168.115.8][50485] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....54] [ip4][..tcp] [..192.168.115.8][50486] -> [...77.234.40.96][...80] [MIDSTREAM]
detected: [....54] [ip4][..tcp] [..192.168.115.8][50486] -> [...77.234.40.96][...80] [HTTP.Cybersec][Cybersecurity][Safe][bcu.ff.avast.com]
RISK: HTTP Suspicious User-Agent
new: [....55] [ip4][..udp] [...192.168.5.57][59648] -> [239.255.255.250][.1900]
detected: [....55] [ip4][..udp] [...192.168.5.57][59648] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900]
new: [....56] [ip4][..tcp] [..192.168.115.8][50487] -> [.202.108.14.219][...80] [MIDSTREAM]
detected: [....56] [ip4][..tcp] [..192.168.115.8][50487] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....57] [ip4][..tcp] [..192.168.115.8][50488] -> [..223.26.106.20][...80] [MIDSTREAM]
detected: [....57] [ip4][..tcp] [..192.168.115.8][50488] -> [..223.26.106.20][...80] [HTTP][Web][Acceptable][meta.video.qiyi.com]
new: [....58] [ip4][..tcp] [..192.168.115.8][50489] -> [.119.188.13.188][...80] [MIDSTREAM]
detected: [....58] [ip4][..tcp] [..192.168.115.8][50489] -> [.119.188.13.188][...80] [HTTP][Web][Acceptable][pdata.video.qiyi.com]
new: [....59] [ip4][..tcp] [..192.168.115.8][50490] -> [.119.188.13.188][...80] [MIDSTREAM]
detected: [....59] [ip4][..tcp] [..192.168.115.8][50490] -> [.119.188.13.188][...80] [HTTP][Web][Acceptable][pdata.video.qiyi.com]
new: [....60] [ip4][..tcp] [..192.168.115.8][50491] -> [..223.26.106.66][...80] [MIDSTREAM]
detected: [....60] [ip4][..tcp] [..192.168.115.8][50491] -> [..223.26.106.66][...80] [HTTP][Web][Acceptable][223.26.106.66]
RISK: HTTP Numeric IP Address
detection-update: [....60] [ip4][..tcp] [..192.168.115.8][50491] -> [..223.26.106.66][...80] [HTTP][Web][Acceptable][223.26.106.66]
RISK: HTTP Numeric IP Address
new: [....61] [ip4][..tcp] [..192.168.115.8][50492] -> [...111.206.13.3][...80] [MIDSTREAM]
detected: [....61] [ip4][..tcp] [..192.168.115.8][50492] -> [...111.206.13.3][...80] [HTTP][Web][Acceptable][pdata.video.qiyi.com]
new: [....62] [ip4][..tcp] [..192.168.115.8][50493] -> [.202.108.14.236][...80] [MIDSTREAM]
detected: [....62] [ip4][..tcp] [..192.168.115.8][50493] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....63] [ip4][..tcp] [..192.168.115.8][50494] -> [..223.26.106.66][...80] [MIDSTREAM]
detected: [....63] [ip4][..tcp] [..192.168.115.8][50494] -> [..223.26.106.66][...80] [HTTP][Web][Acceptable][223.26.106.66]
RISK: HTTP Numeric IP Address
new: [....64] [ip4][..tcp] [...192.168.5.15][65127] -> [.68.233.253.133][...80] [MIDSTREAM]
detected: [....64] [ip4][..tcp] [...192.168.5.15][65127] -> [.68.233.253.133][...80] [HTTP][Web][Acceptable][api.magicansoft.com]
new: [....65] [ip4][..udp] [...192.168.5.48][63930] -> [239.255.255.250][.1900]
detected: [....65] [ip4][..udp] [...192.168.5.48][63930] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900]
new: [....66] [ip4][..tcp] [..192.168.115.8][50495] -> [.202.108.14.236][...80] [MIDSTREAM]
detected: [....66] [ip4][..tcp] [..192.168.115.8][50495] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....67] [ip4][..tcp] [..192.168.115.8][50496] -> [.101.227.200.11][...80] [MIDSTREAM]
detected: [....67] [ip4][..tcp] [..192.168.115.8][50496] -> [.101.227.200.11][...80] [HTTP.PPStream][Streaming][Fun][api.cupid.iqiyi.com]
new: [....68] [ip4][..tcp] [..192.168.115.8][50497] -> [.123.125.112.49][...80] [MIDSTREAM]
detected: [....68] [ip4][..tcp] [..192.168.115.8][50497] -> [.123.125.112.49][...80] [HTTP][Web][Acceptable][click.hm.baidu.com]
new: [....69] [ip4][..udp] [...192.168.5.63][39383] -> [239.255.255.250][.1900]
detected: [....69] [ip4][..udp] [...192.168.5.63][39383] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900]
new: [....70] [ip4][..udp] [...192.168.5.63][60976] -> [239.255.255.250][.1900]
detected: [....70] [ip4][..udp] [...192.168.5.63][60976] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900]
new: [....71] [ip4][..tcp] [..192.168.115.8][50498] -> [..36.110.220.15][...80] [MIDSTREAM]
detected: [....71] [ip4][..tcp] [..192.168.115.8][50498] -> [..36.110.220.15][...80] [HTTP][Web][Acceptable][msg.video.qiyi.com]
new: [....72] [ip4][..tcp] [..192.168.115.8][50499] -> [..111.206.22.76][...80] [MIDSTREAM]
detected: [....72] [ip4][..tcp] [..192.168.115.8][50499] -> [..111.206.22.76][...80] [HTTP.PPStream][Streaming][Fun][msg.iqiyi.com]
new: [....73] [ip4][..tcp] [..192.168.115.8][50500] -> [..23.41.133.163][...80] [MIDSTREAM]
detected: [....73] [ip4][..tcp] [..192.168.115.8][50500] -> [..23.41.133.163][...80] [HTTP][Web][Acceptable][s1.symcb.com]
new: [....74] [ip4][..tcp] [..192.168.115.8][50501] -> [.202.108.14.236][...80] [MIDSTREAM]
detected: [....74] [ip4][..tcp] [..192.168.115.8][50501] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....75] [ip4][..udp] [...192.168.5.38][58897] -> [239.255.255.250][.1900]
detected: [....75] [ip4][..udp] [...192.168.5.38][58897] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900]
new: [....76] [ip4][..tcp] [..192.168.115.8][50502] -> [.202.108.14.236][...80] [MIDSTREAM]
detected: [....76] [ip4][..tcp] [..192.168.115.8][50502] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....77] [ip4][..udp] [...192.168.5.50][52529] -> [239.255.255.250][.1900]
detected: [....77] [ip4][..udp] [...192.168.5.50][52529] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900]
new: [....78] [ip4][..tcp] [...192.168.5.15][65128] -> [.68.233.253.133][...80] [MIDSTREAM]
detected: [....78] [ip4][..tcp] [...192.168.5.15][65128] -> [.68.233.253.133][...80] [HTTP][Web][Acceptable][api.magicansoft.com]
new: [....79] [ip4][..tcp] [..192.168.115.8][50503] -> [.202.108.14.219][...80] [MIDSTREAM]
detected: [....79] [ip4][..tcp] [..192.168.115.8][50503] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....80] [ip4][..udp] [...192.168.5.28][60023] -> [239.255.255.250][.1900]
detected: [....80] [ip4][..udp] [...192.168.5.28][60023] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900]
update: [....22] [ip4][..udp] [..192.168.115.8][22793] -> [.222.26.193.119][.7133]
update: [....25] [ip4][..udp] [..192.168.115.8][22793] -> [.115.157.62.243][29006]
update: [....13] [ip4][..udp] [..192.168.115.8][22793] -> [.111.250.102.66][.1107]
update: [....24] [ip4][..udp] [..192.168.115.8][22793] -> [..222.26.74.190][.1037]
update: [....26] [ip4][..udp] [..192.168.115.8][22793] -> [.210.44.232.243][21044]
update: [....27] [ip4][..udp] [..192.168.115.8][22793] -> [..1.169.136.116][17951]
update: [....33] [ip4][..udp] [..192.168.115.8][22793] -> [.220.130.154.23][35941]
update: [....32] [ip4][..udp] [..192.168.115.8][22793] -> [..114.47.91.129][22576]
update: [.....6] [ip4][..udp] [..192.168.115.8][22793] -> [.111.249.53.196][32443]
update: [.....3] [ip4][..udp] [..192.168.115.8][22793] -> [...114.42.0.158][.7716] [Unknown][Unrated]
update: [....12] [ip4][..udp] [..192.168.115.8][22793] -> [...210.44.171.1][29702]
update: [.....4] [ip4][..udp] [..192.168.115.8][22793] -> [.222.197.138.12][.6956] [Unknown][Unrated]
update: [.....2] [ip4][..udp] [..118.171.15.56][.5544] -> [..192.168.115.8][22793] [Unknown][Unrated]
update: [....23] [ip4][..udp] [..192.168.115.8][22793] -> [.114.37.142.173][.1074]
update: [.....7] [ip4][..udp] [..192.168.115.8][22793] -> [219.228.107.156][.1250] [Unknown][Unrated]
update: [....16] [ip4][..udp] [..192.168.115.8][22793] -> [...36.233.39.81][18590]
update: [....35] [ip4][..udp] [..192.168.115.8][22793] -> [119.188.133.182][17788]
update: [....18] [ip4][..udp] [..192.168.115.8][22793] -> [..61.227.170.88][20227]
update: [....20] [ip4][..udp] [..192.168.115.8][22793] -> [.121.248.133.93][12757]
update: [....19] [ip4][..udp] [..192.168.115.8][22793] -> [..202.112.31.89][29072]
update: [....28] [ip4][..udp] [..192.168.115.8][22793] -> [.114.41.144.153][10492]
update: [....14] [ip4][..udp] [..192.168.115.8][22793] -> [..61.223.204.67][11102]
update: [.....8] [ip4][..udp] [.183.228.182.44][13913] -> [..192.168.115.8][22793]
update: [....29] [ip4][..udp] [..192.168.115.8][22793] -> [..183.61.167.82][17788]
update: [....36] [ip4][..udp] [..192.168.115.8][22793] -> [.183.61.167.104][17788]
update: [....21] [ip4][..udp] [..192.168.115.8][22793] -> [..1.175.128.104][.5185]
update: [....11] [ip4][..udp] [..192.168.115.8][22793] -> [..218.61.39.103][17788]
update: [....34] [ip4][..udp] [..192.168.115.8][22793] -> [...218.61.39.87][17788]
update: [....30] [ip4][..udp] [..192.168.115.8][22793] -> [...210.47.12.19][33738]
update: [....31] [ip4][..udp] [..192.168.115.8][22793] -> [...210.47.12.20][33738]
update: [....17] [ip4][..udp] [..192.168.115.8][22793] -> [.111.117.101.81][10162]
update: [.....1] [ip4][..udp] [....1.173.5.226][22636] -> [..192.168.115.8][22793] [Unknown][Unrated]
update: [.....5] [ip4][..udp] [..192.168.115.8][22793] -> [...202.198.7.89][16039]
update: [....15] [ip4][..udp] [..192.168.115.8][22793] -> [..36.237.154.69][.4316]
new: [....81] [ip4][..tcp] [..192.168.115.8][50505] -> [..223.26.106.19][...80] [MIDSTREAM]
detected: [....81] [ip4][..tcp] [..192.168.115.8][50505] -> [..223.26.106.19][...80] [HTTP][Web][Acceptable][static.qiyi.com]
new: [....82] [ip4][..tcp] [..192.168.115.8][50504] -> [.202.108.14.236][...80] [MIDSTREAM]
detected: [....82] [ip4][..tcp] [..192.168.115.8][50504] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable][msg.71.am]
analyse: [....81] [ip4][..tcp] [..192.168.115.8][50505] -> [..223.26.106.19][...80] [HTTP][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.036| 0.003| 0.009| 74.977| 1.800]
[PKTLEN......: 184.000| 1300.000| 1207.000| 293.900| 86398.000| 4.900]
[BINS(c->s)..: 0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,29,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1]
[IATS(ms)....: 2.9,35.0,35.8,0.0,0.1,1.0,0.0,0.0,0.0,0.0,0.0,0.0,4.1,0.0,0.0,0.0,0.0,0.0,0.6,0.0,0.0,0.0,0.0,4.3,0.1,0.0,0.0,0.0,0.0,0.0,0.0]
[PKTLENS.....: 184,552,188,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300]
[ENTROPIES...: 5.6,5.7,5.6,4.4,0.3,0.3,3.7,6.1,5.9,6.1,6.0,6.2,6.1,6.0,6.1,5.9,6.3,6.2,6.3,6.4,5.8,6.2,6.0,6.1,6.1,6.4,6.3,6.0,6.1,6.0,6.4,6.3]
new: [....83] [ip4][..udp] [...192.168.5.38][.1900] -> [239.255.255.250][.1900]
detected: [....83] [ip4][..udp] [...192.168.5.38][.1900] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900]
new: [....84] [ip4][..udp] [...192.168.5.41][50374] -> [239.255.255.250][.1900]
detected: [....84] [ip4][..udp] [...192.168.5.41][50374] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900]
new: [....85] [ip4][..tcp] [..192.168.115.8][50507] -> [..223.26.106.19][...80] [MIDSTREAM]
detected: [....85] [ip4][..tcp] [..192.168.115.8][50507] -> [..223.26.106.19][...80] [HTTP][Web][Acceptable][static.qiyi.com]
new: [....86] [ip4][..tcp] [.202.108.14.219][...80] -> [..192.168.115.8][50506] [MIDSTREAM]
detected: [....86] [ip4][..tcp] [.202.108.14.219][...80] -> [..192.168.115.8][50506] [HTTP][Web][Acceptable][]
new: [....87] [ip4][..tcp] [.202.108.14.219][...80] -> [..192.168.115.8][50295] [MIDSTREAM]
detected: [....87] [ip4][..tcp] [.202.108.14.219][...80] -> [..192.168.115.8][50295] [HTTP][Web][Acceptable][]
new: [....88] [ip4][..tcp] [..192.168.115.8][50508] -> [..223.26.106.19][...80] [MIDSTREAM]
detected: [....88] [ip4][..tcp] [..192.168.115.8][50508] -> [..223.26.106.19][...80] [HTTP][Web][Acceptable][static.qiyi.com]
new: [....89] [ip4][..tcp] [..192.168.115.8][50509] -> [.106.38.219.107][...80] [MIDSTREAM]
detected: [....89] [ip4][..tcp] [..192.168.115.8][50509] -> [.106.38.219.107][...80] [HTTP][Web][Acceptable][iplocation.geo.qiyi.com]
new: [....90] [ip4][..tcp] [..192.168.115.8][50766] -> [..223.26.106.20][...80] [MIDSTREAM]
detected: [....90] [ip4][..tcp] [..192.168.115.8][50766] -> [..223.26.106.20][...80] [HTTP][Web][Acceptable][static.qiyi.com]
new: [....91] [ip4][..tcp] [..192.168.115.8][50767] -> [..223.26.106.20][...80] [MIDSTREAM]
detected: [....91] [ip4][..tcp] [..192.168.115.8][50767] -> [..223.26.106.20][...80] [HTTP][Web][Acceptable][static.qiyi.com]
new: [....92] [ip4][..tcp] [..192.168.115.8][50765] -> [..36.110.220.15][...80] [MIDSTREAM]
detected: [....92] [ip4][..tcp] [..192.168.115.8][50765] -> [..36.110.220.15][...80] [HTTP][Web][Acceptable][msg.video.qiyi.com]
new: [....93] [ip4][..tcp] [..192.168.115.8][50768] -> [..223.26.106.19][...80] [MIDSTREAM]
detected: [....93] [ip4][..tcp] [..192.168.115.8][50768] -> [..223.26.106.19][...80] [HTTP][Web][Acceptable][static.qiyi.com]
new: [....94] [ip4][..tcp] [..192.168.115.8][50769] -> [.101.227.200.11][...80] [MIDSTREAM]
detected: [....94] [ip4][..tcp] [..192.168.115.8][50769] -> [.101.227.200.11][...80] [HTTP.PPStream][Streaming][Fun][api.cupid.iqiyi.com]
new: [....95] [ip4][..tcp] [..192.168.115.8][50771] -> [.202.108.14.236][...80] [MIDSTREAM]
detected: [....95] [ip4][..tcp] [..192.168.115.8][50771] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....96] [ip4][..tcp] [..192.168.115.8][50772] -> [.123.125.111.70][...80] [MIDSTREAM]
detected: [....96] [ip4][..tcp] [..192.168.115.8][50772] -> [.123.125.111.70][...80] [HTTP.PPStream][Streaming][Fun][nl.rcd.iqiyi.com]
new: [....97] [ip4][..tcp] [..192.168.115.8][50773] -> [.202.108.14.221][...80] [MIDSTREAM]
detected: [....97] [ip4][..tcp] [..192.168.115.8][50773] -> [.202.108.14.221][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [....98] [ip4][..tcp] [..192.168.115.8][50775] -> [.123.125.111.70][...80] [MIDSTREAM]
detected: [....98] [ip4][..tcp] [..192.168.115.8][50775] -> [.123.125.111.70][...80] [HTTP.PPStream][Streaming][Fun][nl.rcd.iqiyi.com]
new: [....99] [ip4][..tcp] [..192.168.115.8][50774] -> [.202.108.14.219][...80] [MIDSTREAM]
detected: [....99] [ip4][..tcp] [..192.168.115.8][50774] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable][msg.71.am]
new: [...100] [ip4][..tcp] [..192.168.115.8][50776] -> [..111.206.22.77][...80] [MIDSTREAM]
detected: [...100] [ip4][..tcp] [..192.168.115.8][50776] -> [..111.206.22.77][...80] [HTTP.PPStream][Streaming][Fun][msg.iqiyi.com]
new: [...101] [ip4][..tcp] [..192.168.115.8][50777] -> [..111.206.22.77][...80] [MIDSTREAM]
detected: [...101] [ip4][..tcp] [..192.168.115.8][50777] -> [..111.206.22.77][...80] [HTTP.PPStream][Streaming][Fun][msg.iqiyi.com]
new: [...102] [ip4][..tcp] [..192.168.115.8][50778] -> [..223.26.106.20][...80] [MIDSTREAM]
detected: [...102] [ip4][..tcp] [..192.168.115.8][50778] -> [..223.26.106.20][...80] [HTTP.PPStream][Streaming][Fun][preimage1.qiyipic.com]
analyse: [...102] [ip4][..tcp] [..192.168.115.8][50778] -> [..223.26.106.20][...80] [HTTP.PPStream][Streaming][Fun]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.061| 0.004| 0.013| 157.316| 1.800]
[PKTLEN......: 289.000| 1300.000| 1268.400| 175.900| 30943.100| 5.000]
[BINS(c->s)..: 0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,31,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1]
[IATS(ms)....: 61.4,0.0,0.0,0.0,0.0,0.0,30.3,0.0,0.0,0.0,25.9,0.0,0.0,0.5,0.0,0.0,0.0,0.0,0.6,0.0,0.0,3.5,0.0,0.8,0.0,0.0,0.0,0.0,0.0,0.0,2.2]
[PKTLENS.....: 289,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300]
[ENTROPIES...: 5.7,7.1,7.8,7.8,7.8,7.8,7.8,7.9,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.7,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8]
new: [...103] [ip4][..udp] [..192.168.115.1][50945] -> [239.255.255.250][.1900]
detected: [...103] [ip4][..udp] [..192.168.115.1][50945] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900]
new: [...104] [ip4][..tcp] [..192.168.115.8][50779] -> [..111.206.22.77][...80] [MIDSTREAM]
detected: [...104] [ip4][..tcp] [..192.168.115.8][50779] -> [..111.206.22.77][...80] [HTTP.PPStream][Streaming][Fun][msg.iqiyi.com]
new: [...105] [ip4][..tcp] [..192.168.115.8][50780] -> [..223.26.106.20][...80] [MIDSTREAM]
detected: [...105] [ip4][..tcp] [..192.168.115.8][50780] -> [..223.26.106.20][...80] [HTTP.PPStream][Streaming][Fun][preimage1.qiyipic.com]
analyse: [...105] [ip4][..tcp] [..192.168.115.8][50780] -> [..223.26.106.20][...80] [HTTP.PPStream][Streaming][Fun]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.063| 0.005| 0.015| 237.632| 1.700]
[PKTLEN......: 289.000| 1300.000| 1268.400| 175.900| 30943.100| 5.000]
[BINS(c->s)..: 0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,31,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1]
[IATS(ms)....: 62.9,0.0,0.0,0.0,0.0,0.0,28.6,0.0,0.0,0.0,57.9,0.0,0.0,0.0,0.0,0.0,0.3,0.0,0.0,0.3,0.0,3.2,0.0,0.0,0.8,0.0,0.0,0.0,0.0,0.0,0.0]
[PKTLENS.....: 289,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300,1300]
[ENTROPIES...: 5.7,7.1,7.8,7.8,7.8,7.8,7.8,7.7,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8]
update: [....55] [ip4][..udp] [...192.168.5.57][59648] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
new: [...106] [ip4][..tcp] [..192.168.115.8][50781] -> [..223.26.106.20][...80] [MIDSTREAM]
detected: [...106] [ip4][..tcp] [..192.168.115.8][50781] -> [..223.26.106.20][...80] [HTTP.PPStream][Streaming][Fun][preimage1.qiyipic.com]
new: [...107] [ip4][..tcp] [...77.234.41.35][...80] -> [..192.168.115.8][49174] [MIDSTREAM]
detected: [...107] [ip4][..tcp] [...77.234.41.35][...80] -> [..192.168.115.8][49174] [HTTP.AVAST][Download][Safe][]
RISK: Binary App Transfer
detection-update: [...107] [ip4][..tcp] [...77.234.41.35][...80] -> [..192.168.115.8][49174] [HTTP.AVAST][Download][Safe][]
RISK: Binary App Transfer
not-detected: [....22] [ip4][..udp] [..192.168.115.8][22793] -> [.222.26.193.119][.7133] [Unknown][Unrated]
idle: [....22] [ip4][..udp] [..192.168.115.8][22793] -> [.222.26.193.119][.7133]
idle: [....54] [ip4][..tcp] [..192.168.115.8][50486] -> [...77.234.40.96][...80] [HTTP.Cybersec][Cybersecurity][Safe]
RISK: HTTP Suspicious User-Agent
not-detected: [....25] [ip4][..udp] [..192.168.115.8][22793] -> [.115.157.62.243][29006] [Unknown][Unrated]
idle: [....25] [ip4][..udp] [..192.168.115.8][22793] -> [.115.157.62.243][29006]
not-detected: [....13] [ip4][..udp] [..192.168.115.8][22793] -> [.111.250.102.66][.1107] [Unknown][Unrated]
idle: [....13] [ip4][..udp] [..192.168.115.8][22793] -> [.111.250.102.66][.1107]
guessed: [....10] [ip4][..tcp] [...192.168.5.15][65125] -> [.68.233.253.133][...80] [HTTP][Web][Acceptable][]
end: [....10] [ip4][..tcp] [...192.168.5.15][65125] -> [.68.233.253.133][...80]
idle: [....64] [ip4][..tcp] [...192.168.5.15][65127] -> [.68.233.253.133][...80] [HTTP][Web][Acceptable]
idle: [....78] [ip4][..tcp] [...192.168.5.15][65128] -> [.68.233.253.133][...80] [HTTP][Web][Acceptable]
not-detected: [....24] [ip4][..udp] [..192.168.115.8][22793] -> [..222.26.74.190][.1037] [Unknown][Unrated]
idle: [....24] [ip4][..udp] [..192.168.115.8][22793] -> [..222.26.74.190][.1037]
not-detected: [....26] [ip4][..udp] [..192.168.115.8][22793] -> [.210.44.232.243][21044] [Unknown][Unrated]
idle: [....26] [ip4][..udp] [..192.168.115.8][22793] -> [.210.44.232.243][21044]
not-detected: [....27] [ip4][..udp] [..192.168.115.8][22793] -> [..1.169.136.116][17951] [Unknown][Unrated]
idle: [....27] [ip4][..udp] [..192.168.115.8][22793] -> [..1.169.136.116][17951]
idle: [....39] [ip4][..tcp] [..192.168.115.8][50466] -> [..203.66.182.24][...80] [HTTP.Google][Web][Acceptable]
not-detected: [....33] [ip4][..udp] [..192.168.115.8][22793] -> [.220.130.154.23][35941] [Unknown][Unrated]
idle: [....33] [ip4][..udp] [..192.168.115.8][22793] -> [.220.130.154.23][35941]
idle: [....55] [ip4][..udp] [...192.168.5.57][59648] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
idle: [....57] [ip4][..tcp] [..192.168.115.8][50488] -> [..223.26.106.20][...80] [HTTP][Web][Acceptable]
idle: [....60] [ip4][..tcp] [..192.168.115.8][50491] -> [..223.26.106.66][...80] [HTTP][Web][Acceptable]
RISK: HTTP Numeric IP Address
idle: [....63] [ip4][..tcp] [..192.168.115.8][50494] -> [..223.26.106.66][...80] [HTTP][Web][Acceptable]
RISK: HTTP Numeric IP Address
idle: [....81] [ip4][..tcp] [..192.168.115.8][50505] -> [..223.26.106.19][...80] [HTTP][Web][Acceptable]
idle: [....85] [ip4][..tcp] [..192.168.115.8][50507] -> [..223.26.106.19][...80] [HTTP][Web][Acceptable]
idle: [....88] [ip4][..tcp] [..192.168.115.8][50508] -> [..223.26.106.19][...80] [HTTP][Web][Acceptable]
not-detected: [....32] [ip4][..udp] [..192.168.115.8][22793] -> [..114.47.91.129][22576] [Unknown][Unrated]
idle: [....32] [ip4][..udp] [..192.168.115.8][22793] -> [..114.47.91.129][22576]
idle: [....37] [ip4][..tcp] [..192.168.115.8][50463] -> [.101.227.200.11][...80] [HTTP.PPStream][Streaming][Fun]
idle: [....47] [ip4][..tcp] [..192.168.115.8][50476] -> [..101.227.32.39][...80] [HTTP.PPStream][Streaming][Fun]
idle: [....67] [ip4][..tcp] [..192.168.115.8][50496] -> [.101.227.200.11][...80] [HTTP.PPStream][Streaming][Fun]
idle: [....65] [ip4][..udp] [...192.168.5.48][63930] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
idle: [....69] [ip4][..udp] [...192.168.5.63][39383] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
not-detected: [.....6] [ip4][..udp] [..192.168.115.8][22793] -> [.111.249.53.196][32443] [Unknown][Unrated]
idle: [.....6] [ip4][..udp] [..192.168.115.8][22793] -> [.111.249.53.196][32443]
idle: [....90] [ip4][..tcp] [..192.168.115.8][50766] -> [..223.26.106.20][...80] [HTTP][Web][Acceptable]
idle: [....91] [ip4][..tcp] [..192.168.115.8][50767] -> [..223.26.106.20][...80] [HTTP][Web][Acceptable]
idle: [....93] [ip4][..tcp] [..192.168.115.8][50768] -> [..223.26.106.19][...80] [HTTP][Web][Acceptable]
end: [...102] [ip4][..tcp] [..192.168.115.8][50778] -> [..223.26.106.20][...80] [HTTP.PPStream][Streaming][Fun]
end: [...105] [ip4][..tcp] [..192.168.115.8][50780] -> [..223.26.106.20][...80] [HTTP.PPStream][Streaming][Fun]
idle: [...106] [ip4][..tcp] [..192.168.115.8][50781] -> [..223.26.106.20][...80]
idle: [....87] [ip4][..tcp] [.202.108.14.219][...80] -> [..192.168.115.8][50295]
idle: [.....3] [ip4][..udp] [..192.168.115.8][22793] -> [...114.42.0.158][.7716] [Unknown][Unrated]
idle: [....80] [ip4][..udp] [...192.168.5.28][60023] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
not-detected: [....12] [ip4][..udp] [..192.168.115.8][22793] -> [...210.44.171.1][29702] [Unknown][Unrated]
idle: [....12] [ip4][..udp] [..192.168.115.8][22793] -> [...210.44.171.1][29702]
idle: [....58] [ip4][..tcp] [..192.168.115.8][50489] -> [.119.188.13.188][...80] [HTTP][Web][Acceptable]
idle: [....59] [ip4][..tcp] [..192.168.115.8][50490] -> [.119.188.13.188][...80] [HTTP][Web][Acceptable]
idle: [....94] [ip4][..tcp] [..192.168.115.8][50769] -> [.101.227.200.11][...80] [HTTP.PPStream][Streaming][Fun]
idle: [.....4] [ip4][..udp] [..192.168.115.8][22793] -> [.222.197.138.12][.6956] [Unknown][Unrated]
idle: [.....2] [ip4][..udp] [..118.171.15.56][.5544] -> [..192.168.115.8][22793] [Unknown][Unrated]
guessed: [.....9] [ip4][..tcp] [..192.168.115.8][50462] -> [.202.108.14.236][...80] [HTTP][Web][Acceptable][]
idle: [.....9] [ip4][..tcp] [..192.168.115.8][50462] -> [.202.108.14.236][...80]
idle: [....40] [ip4][..tcp] [..192.168.115.8][50467] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable]
idle: [....41] [ip4][..tcp] [..192.168.115.8][50469] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable]
idle: [....42] [ip4][..tcp] [..192.168.115.8][50470] -> [.202.108.14.236][...80] [HTTP.PPStream][Streaming][Fun]
idle: [....43] [ip4][..tcp] [..192.168.115.8][50471] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable]
idle: [....46] [ip4][..tcp] [..192.168.115.8][50473] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable]
idle: [....44] [ip4][..tcp] [..192.168.115.8][50474] -> [.202.108.14.221][...80] [HTTP.PPStream][Streaming][Fun]
idle: [....45] [ip4][..tcp] [..192.168.115.8][50475] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable]
idle: [....48] [ip4][..tcp] [..192.168.115.8][50477] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable]
idle: [....51] [ip4][..tcp] [..192.168.115.8][50483] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable]
idle: [....52] [ip4][..tcp] [..192.168.115.8][50484] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable]
idle: [....53] [ip4][..tcp] [..192.168.115.8][50485] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable]
idle: [....56] [ip4][..tcp] [..192.168.115.8][50487] -> [.202.108.14.219][...80]
idle: [....62] [ip4][..tcp] [..192.168.115.8][50493] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable]
idle: [....66] [ip4][..tcp] [..192.168.115.8][50495] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable]
idle: [....74] [ip4][..tcp] [..192.168.115.8][50501] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable]
idle: [....76] [ip4][..tcp] [..192.168.115.8][50502] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable]
idle: [....79] [ip4][..tcp] [..192.168.115.8][50503] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable]
idle: [....82] [ip4][..tcp] [..192.168.115.8][50504] -> [.202.108.14.236][...80]
idle: [....86] [ip4][..tcp] [.202.108.14.219][...80] -> [..192.168.115.8][50506]
idle: [...107] [ip4][..tcp] [...77.234.41.35][...80] -> [..192.168.115.8][49174]
not-detected: [....23] [ip4][..udp] [..192.168.115.8][22793] -> [.114.37.142.173][.1074] [Unknown][Unrated]
idle: [....23] [ip4][..udp] [..192.168.115.8][22793] -> [.114.37.142.173][.1074]
idle: [.....7] [ip4][..udp] [..192.168.115.8][22793] -> [219.228.107.156][.1250] [Unknown][Unrated]
not-detected: [....16] [ip4][..udp] [..192.168.115.8][22793] -> [...36.233.39.81][18590] [Unknown][Unrated]
idle: [....16] [ip4][..udp] [..192.168.115.8][22793] -> [...36.233.39.81][18590]
idle: [....38] [ip4][..tcp] [..192.168.115.8][50464] -> [.123.125.112.49][...80] [HTTP][Web][Acceptable]
not-detected: [....35] [ip4][..udp] [..192.168.115.8][22793] -> [119.188.133.182][17788] [Unknown][Unrated]
idle: [....35] [ip4][..udp] [..192.168.115.8][22793] -> [119.188.133.182][17788]
end: [....68] [ip4][..tcp] [..192.168.115.8][50497] -> [.123.125.112.49][...80] [HTTP][Web][Acceptable]
idle: [....50] [ip4][..tcp] [..192.168.115.8][50482] -> [.140.205.243.64][...80] [HTTP][Web][Acceptable]
not-detected: [....18] [ip4][..udp] [..192.168.115.8][22793] -> [..61.227.170.88][20227] [Unknown][Unrated]
idle: [....18] [ip4][..udp] [..192.168.115.8][22793] -> [..61.227.170.88][20227]
not-detected: [....20] [ip4][..udp] [..192.168.115.8][22793] -> [.121.248.133.93][12757] [Unknown][Unrated]
idle: [....20] [ip4][..udp] [..192.168.115.8][22793] -> [.121.248.133.93][12757]
idle: [....95] [ip4][..tcp] [..192.168.115.8][50771] -> [.202.108.14.236][...80] [HTTP][Streaming][Acceptable]
not-detected: [....19] [ip4][..udp] [..192.168.115.8][22793] -> [..202.112.31.89][29072] [Unknown][Unrated]
idle: [....19] [ip4][..udp] [..192.168.115.8][22793] -> [..202.112.31.89][29072]
idle: [....97] [ip4][..tcp] [..192.168.115.8][50773] -> [.202.108.14.221][...80] [HTTP][Streaming][Acceptable]
idle: [....99] [ip4][..tcp] [..192.168.115.8][50774] -> [.202.108.14.219][...80] [HTTP][Streaming][Acceptable]
not-detected: [....28] [ip4][..udp] [..192.168.115.8][22793] -> [.114.41.144.153][10492] [Unknown][Unrated]
idle: [....28] [ip4][..udp] [..192.168.115.8][22793] -> [.114.41.144.153][10492]
not-detected: [....14] [ip4][..udp] [..192.168.115.8][22793] -> [..61.223.204.67][11102] [Unknown][Unrated]
idle: [....14] [ip4][..udp] [..192.168.115.8][22793] -> [..61.223.204.67][11102]
idle: [....71] [ip4][..tcp] [..192.168.115.8][50498] -> [..36.110.220.15][...80] [HTTP][Web][Acceptable]
idle: [....61] [ip4][..tcp] [..192.168.115.8][50492] -> [...111.206.13.3][...80] [HTTP][Web][Acceptable]
idle: [....72] [ip4][..tcp] [..192.168.115.8][50499] -> [..111.206.22.76][...80] [HTTP.PPStream][Streaming][Fun]
idle: [....89] [ip4][..tcp] [..192.168.115.8][50509] -> [.106.38.219.107][...80] [HTTP][Web][Acceptable]
idle: [....96] [ip4][..tcp] [..192.168.115.8][50772] -> [.123.125.111.70][...80] [HTTP.PPStream][Streaming][Fun]
idle: [....98] [ip4][..tcp] [..192.168.115.8][50775] -> [.123.125.111.70][...80] [HTTP.PPStream][Streaming][Fun]
not-detected: [.....8] [ip4][..udp] [.183.228.182.44][13913] -> [..192.168.115.8][22793] [Unknown][Unrated]
idle: [.....8] [ip4][..udp] [.183.228.182.44][13913] -> [..192.168.115.8][22793]
idle: [....84] [ip4][..udp] [...192.168.5.41][50374] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
not-detected: [....36] [ip4][..udp] [..192.168.115.8][22793] -> [.183.61.167.104][17788] [Unknown][Unrated]
idle: [....36] [ip4][..udp] [..192.168.115.8][22793] -> [.183.61.167.104][17788]
not-detected: [....29] [ip4][..udp] [..192.168.115.8][22793] -> [..183.61.167.82][17788] [Unknown][Unrated]
idle: [....29] [ip4][..udp] [..192.168.115.8][22793] -> [..183.61.167.82][17788]
not-detected: [....21] [ip4][..udp] [..192.168.115.8][22793] -> [..1.175.128.104][.5185] [Unknown][Unrated]
idle: [....21] [ip4][..udp] [..192.168.115.8][22793] -> [..1.175.128.104][.5185]
not-detected: [....34] [ip4][..udp] [..192.168.115.8][22793] -> [...218.61.39.87][17788] [Unknown][Unrated]
idle: [....34] [ip4][..udp] [..192.168.115.8][22793] -> [...218.61.39.87][17788]
not-detected: [....11] [ip4][..udp] [..192.168.115.8][22793] -> [..218.61.39.103][17788] [Unknown][Unrated]
idle: [....11] [ip4][..udp] [..192.168.115.8][22793] -> [..218.61.39.103][17788]
idle: [....77] [ip4][..udp] [...192.168.5.50][52529] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
not-detected: [....31] [ip4][..udp] [..192.168.115.8][22793] -> [...210.47.12.20][33738] [Unknown][Unrated]
idle: [....31] [ip4][..udp] [..192.168.115.8][22793] -> [...210.47.12.20][33738]
not-detected: [....30] [ip4][..udp] [..192.168.115.8][22793] -> [...210.47.12.19][33738] [Unknown][Unrated]
idle: [....30] [ip4][..udp] [..192.168.115.8][22793] -> [...210.47.12.19][33738]
idle: [....92] [ip4][..tcp] [..192.168.115.8][50765] -> [..36.110.220.15][...80] [HTTP][Web][Acceptable]
idle: [....49] [ip4][..tcp] [..117.79.81.135][...80] -> [..192.168.115.8][50443]
idle: [...100] [ip4][..tcp] [..192.168.115.8][50776] -> [..111.206.22.77][...80] [HTTP.PPStream][Streaming][Fun]
idle: [...101] [ip4][..tcp] [..192.168.115.8][50777] -> [..111.206.22.77][...80] [HTTP.PPStream][Streaming][Fun]
idle: [...104] [ip4][..tcp] [..192.168.115.8][50779] -> [..111.206.22.77][...80] [HTTP.PPStream][Streaming][Fun]
idle: [....75] [ip4][..udp] [...192.168.5.38][58897] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
idle: [....70] [ip4][..udp] [...192.168.5.63][60976] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
not-detected: [....17] [ip4][..udp] [..192.168.115.8][22793] -> [.111.117.101.81][10162] [Unknown][Unrated]
idle: [....17] [ip4][..udp] [..192.168.115.8][22793] -> [.111.117.101.81][10162]
idle: [...103] [ip4][..udp] [..192.168.115.1][50945] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
idle: [.....1] [ip4][..udp] [....1.173.5.226][22636] -> [..192.168.115.8][22793] [Unknown][Unrated]
not-detected: [.....5] [ip4][..udp] [..192.168.115.8][22793] -> [...202.198.7.89][16039] [Unknown][Unrated]
idle: [.....5] [ip4][..udp] [..192.168.115.8][22793] -> [...202.198.7.89][16039]
idle: [....73] [ip4][..tcp] [..192.168.115.8][50500] -> [..23.41.133.163][...80] [HTTP][Web][Acceptable]
idle: [....83] [ip4][..udp] [...192.168.5.38][.1900] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
not-detected: [....15] [ip4][..udp] [..192.168.115.8][22793] -> [..36.237.154.69][.4316] [Unknown][Unrated]
idle: [....15] [ip4][..udp] [..192.168.115.8][22793] -> [..36.237.154.69][.4316]
DAEMON-EVENT: shutdown
|