gfwleak/grityu-model-duplication
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

five modes duplication

Browse Source
This commit is contained in:
fangxiaoyu
2023-03-16 22:42:35 +08:00
commit a9f5451c36
34 changed files with 28042 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
.DS_Store vendored Normal file
View File

Binary file not shown.

BIN
20230309_fxy_psiphon_operation.pcapng Normal file
View File

Binary file not shown.

47
C4.5_test.py Normal file
View File

@@ -0,0 +1,47 @@
# Name:fang xiaoyu
# Time: 2023/3/11 22:28
import pandas as pd
from sklearn.model_selection import train_test_split
from sklearn.tree import DecisionTreeClassifier
from sklearn.metrics import accuracy_score
from sklearn import preprocessing
from sklearn import tree
from sklearn.metrics import classification_report
# 加载CSV文件
data = pd.read_csv('sufshark_openvpn_tcp+youdao_header.csv')
# 将类别转换为数字标签
# le = preprocessing.LabelEncoder()
# data['label'] = le.fit_transform(data['label'])
data["class1"] = data["class1"].replace({"VPN": 1, "Non-VPN": 0})
# 分离特征和类别
X = data.iloc[:, :-1]
y = data.iloc[:, -1]
# 划分数据集
X_train, X_test, y_train, y_test = train_test_split(X, y, test_size=0.3)
# 初始化分类器并训练模型
clf = DecisionTreeClassifier(criterion="entropy")
clf.fit(X_train, y_train)
# 预测测试数据集
y_pred = clf.predict(X_test)
# 评估分类器的性能
print("Accuracy:", accuracy_score(y_test, y_pred))
print(classification_report(y_test, y_pred))
# 可视化决策树
tree.plot_tree(clf)
#Accuracy: 0.8841506751954513
# precision recall f1-score support
#
# 0 0.89 0.86 0.87 2708
# 1 0.88 0.90 0.89 2920
#
# accuracy 0.88 5628
# macro avg 0.88 0.88 0.88 5628
# weighted avg 0.88 0.88 0.88 5628

33
Knn_test.py Normal file
View File

@@ -0,0 +1,33 @@
# Name:fang xiaoyu
# Time: 2023/3/11 22:05
import pandas as pd
from sklearn.model_selection import train_test_split
from sklearn.neighbors import KNeighborsClassifier
from sklearn.metrics import accuracy_score
from sklearn.metrics import classification_report
data = pd.read_csv('sufshark_openvpn_tcp+youdao_header.csv')
data["class1"] = data["class1"].replace({"VPN": 1, "Non-VPN": 0})
#print(data)
X_train, X_test, y_train, y_test = train_test_split(
data.iloc[:, :-1], data.iloc[:, -1], test_size=0.2, random_state=42)
knn = KNeighborsClassifier(n_neighbors=3)
knn.fit(X_train, y_train)
y_pred = knn.predict(X_test)
accuracy = accuracy_score(y_test, y_pred)
print(f"Accuracy: {accuracy}")
print(classification_report(y_test, y_pred))
#Accuracy: 0.8200959488272921
# precision recall f1-score support
#
# 0 0.79 0.83 0.81 1767
# 1 0.84 0.81 0.83 1985
#
# accuracy 0.82 3752
# macro avg 0.82 0.82 0.82 3752
# weighted avg 0.82 0.82 0.82 3752

55
Randomforest_test.py Normal file
View File

@@ -0,0 +1,55 @@
# Name:fang xiaoyu
# Time: 2023/3/11 23:18
import pandas as pd
import seaborn as sns
import matplotlib.pyplot as plt
from sklearn.ensemble import RandomForestClassifier
from sklearn.metrics import accuracy_score, confusion_matrix , precision_score, recall_score, f1_score
from sklearn.model_selection import train_test_split
from sklearn.metrics import classification_report
# 读取数据
data = pd.read_csv('sufshark_openvpn_tcp+youdao_header.csv')
# 将类别转换为数字标签
data["class1"] = data["class1"].replace({"VPN": 1, "Non-VPN": 0})
# 提取特征和标签
X = data.drop('class1', axis=1)
y = data['class1']
# 划分训练集和测试集
X_train, X_test, y_train, y_test = train_test_split(X, y, test_size=0.3, random_state=42)
# 创建随机森林分类器
rfc = RandomForestClassifier(n_estimators=100, criterion='gini', max_depth=10, min_samples_split=2, min_samples_leaf=1,
max_features='auto', bootstrap=True, random_state=42)
# 训练模型
rfc.fit(X_train, y_train)
# 预测测试集
y_pred = rfc.predict(X_test)
# 计算准确率
accuracy = accuracy_score(y_test, y_pred)
precision = precision_score(y_test,y_pred)
recall = recall_score(y_test,y_pred)
f1 = f1_score(y_test,y_pred)
print('Accuracy:', accuracy)
print("Precision:",precision)
print("Recall:",recall)
print("f1_score:",f1)
print(classification_report(y_test, y_pred))
# Accuracy: 0.8909026297085999
# Precision: 0.8626424391746227
# Recall: 0.9434152913438868
# f1_score: 0.9012226512226512
# 混淆矩阵可视化
conf_mat = confusion_matrix(y_test, y_pred)
sns.heatmap(conf_mat, annot=True, cmap='Blues', fmt='g')
plt.xlabel('Predicted')
plt.ylabel('Actual')
plt.show()

44
SVM_test.py Normal file
View File

@@ -0,0 +1,44 @@
# Name:fang xiaoyu
# Time: 2023/3/11 22:30
import pandas as pd
from sklearn.model_selection import train_test_split
from sklearn.svm import SVC
from sklearn.metrics import classification_report
# 读取CSV文件
data = pd.read_csv('sufshark_openvpn_tcp+youdao_header.csv')
# 将类别转换为数字标签
# le = preprocessing.LabelEncoder()
# data['label'] = le.fit_transform(data['label'])
data["class1"] = data["class1"].replace({"VPN": 1, "Non-VPN": 0})
# 分离特征和类别
X = data.iloc[:, :-1]
y = data.iloc[:, -1]
# # 分离特征和标签
# X = data.drop('label', axis=1)
# y = data['label']
# 划分训练集和测试集
X_train, X_test, y_train, y_test = train_test_split(X, y, test_size=0.2)
# 创建SVM模型
svm_model = SVC()
# 在训练集上训练模型
svm_model.fit(X_train, y_train)
# 在测试集上评估模型
predictions = svm_model.predict(X_test)
print(classification_report(y_test, predictions))
# precision recall f1-score support
#
# 0 0.59 0.42 0.49 1720
# 1 0.61 0.76 0.67 2032
#
# accuracy 0.60 3752
# macro avg 0.60 0.59 0.58 3752
# weighted avg 0.60 0.60 0.59 3752

BIN
ScenarioA.pkl Normal file
View File

Binary file not shown.

18759
TimeBasedFeatures-Dataset-15s-VPN.csv Normal file
View File

File diff suppressed because it is too large Load Diff

68
XGBoost_test.py Normal file
View File

@@ -0,0 +1,68 @@
# Name:fang xiaoyu
# Time: 2023/3/11 22:35
import pandas as pd
import numpy as np
from sklearn.model_selection import train_test_split
from sklearn.metrics import accuracy_score, confusion_matrix , precision_score, recall_score, f1_score
import xgboost as xgb
from sklearn.metrics import classification_report
# 读取CSV文件
df = pd.read_csv('sufshark_openvpn_tcp+youdao_header.csv')
# 将VPN和非VPN数据分为两个类别
df['class1'] = np.where(df['class1'] == 'VPN', 1, 0)
# 划分训练集和测试集
train, test = train_test_split(df, test_size=0.2, random_state=42)
# 将数据转换为DMatrix格式
train_dmatrix = xgb.DMatrix(data=train.drop(['class1'], axis=1), label=train['class1'])
test_dmatrix = xgb.DMatrix(data=test.drop(['class1'], axis=1), label=test['class1'])
# print(train_dmatrix)
# print(test_dmatrix)
# 定义XGBoost模型参数
params = {
'objective': 'binary:logistic',
'eval_metric': 'auc',
'eta': 0.1,
'max_depth': 6,
'min_child_weight': 1,
'subsample': 0.8,
'colsample_bytree': 0.8,
'seed': 42
}
# 训练XGBoost模型
xgb_model = xgb.train(
params=params,
dtrain=train_dmatrix,
num_boost_round=100,
early_stopping_rounds=10,
evals=[(test_dmatrix, 'test')]
)
# 对测试集进行预测
y_pred = xgb_model.predict(test_dmatrix)
# 将预测结果转换为类别标签
y_pred_label = np.where(y_pred > 0.5, 1, 0)
# 计算模型准确性
accuracy = accuracy_score(test['class1'], y_pred_label)
precision = precision_score(test['class1'], y_pred_label)
recall = recall_score(test['class1'], y_pred_label)
f1 = f1_score(test['class1'], y_pred_label)
print(f"Accuracy: {accuracy}")
print(f"Precision: {precision}")
print(f"Recall: {recall}")
print(f"F1-score: {f1}")
print(classification_report(test['class1'], y_pred_label))
# Accuracy: 0.9139125799573561
# Precision: 0.8972275334608031
# Recall: 0.9455919395465995
# F1-score: 0.9207750797154771

308
example.py Normal file
View File

@@ -0,0 +1,308 @@
# Name:fang xiaoyu
# Time: 2023/3/9 23:40
#用Python写一个使用trannalyzer2来提取网络流量特征并使用这些特征来训练一个KNN分类模型
'''
以下是一个简单的Python代码示例用于使用Tranalyzer2提取网络流量特征并使用这些特征来训练一个KNN分类模型
```python
import os
import json
import pandas as pd
from sklearn.neighbors import KNeighborsClassifier
from sklearn.model_selection import train_test_split
# 定义Tranalyzer2命令和特征提取命令
tranalyzer_cmd = "tranalyzer2 -r {} -w {} -t"
feature_cmd = "tranalyzer2 -r {} --bidir --tcp --protoid --statsonly --export json"
# 定义pcap文件路径和输出文件路径
pcap_file = "capture.pcap"
binetflow_file = "capture.binetflow"
# 转换pcap文件为binetflow格式
os.system(tranalyzer_cmd.format(pcap_file, binetflow_file))
# 提取特征并保存到json文件中
os.system(feature_cmd.format(binetflow_file) + " > features.json")
# 读取json文件中的特征数据并转换为DataFrame格式
with open("features.json", "r") as f:
data = json.load(f)
df = pd.DataFrame(data)
# 将标签列转换为数值类型0或1
df["label"] = df["label"].apply(lambda x: 0 if x == "normal" else 1)
# 将数据集划分为训练集和测试集
X_train, X_test, y_train, y_test = train_test_split(df.drop("label", axis=1), df["label"], test_size=0.2)
# 创建KNN分类器对象设置邻居数量为5
knn_model = KNeighborsClassifier(n_neighbors=5)
# 训练模型并预测测试集结果
knn_model.fit(X_train, y_train)
y_pred = knn_model.predict(X_test)
# 输出准确率和混淆矩阵等评估指标
from sklearn.metrics import accuracy_score, confusion_matrix
print("Accuracy:", accuracy_score(y_test, y_pred))
print("Confusion Matrix:\n", confusion_matrix(y_test, y_pred))
```
在这个示例中我们首先定义了Tranalyzer2的命令和特征提取命令并指定了输入pcap文件和输出binetflow文件的路径。然后我们使用os库调用系统命令来执行Tranalyzer2转换操作并将特征保存到json格式的文件中。
接下来我们使用pandas库将json文件中的特征数据读取为DataFrame格式并将标签列转换为数值类型0或1。然后我们使用train_test_split函数将数据集划分为训练集和测试集。
接着我们创建了一个KNN分类器对象并设置邻居数量为5。然后我们使用fit方法训练模型并使用predict方法预测测试集结果。
最后,我们输出了准确率和混淆矩阵等评估指标。需要注意的是,在实际应用中,需要根据具体需求选择不同
'''
#用Python写一个使用trannalyzer2来提取网络流量特征并使用这些特征来训练一个SVm分类模型
'''
以下是一个简单的Python代码示例用于使用Tranalyzer2提取网络流量特征并使用这些特征来训练一个SVM分类模型
```python
import os
import json
import pandas as pd
from sklearn.svm import SVC
from sklearn.model_selection import train_test_split
# 定义Tranalyzer2命令和特征提取命令
tranalyzer_cmd = "tranalyzer2 -r {} -w {} -t"
feature_cmd = "tranalyzer2 -r {} --bidir --tcp --protoid --statsonly --export json"
# 定义pcap文件路径和输出文件路径
pcap_file = "capture.pcap"
binetflow_file = "capture.binetflow"
# 转换pcap文件为binetflow格式
os.system(tranalyzer_cmd.format(pcap_file, binetflow_file))
# 提取特征并保存到json文件中
os.system(feature_cmd.format(binetflow_file) + " > features.json")
# 读取json文件中的特征数据并转换为DataFrame格式
with open("features.json", "r") as f:
data = json.load(f)
df = pd.DataFrame(data)
# 将标签列转换为数值类型0或1
df["label"] = df["label"].apply(lambda x: 0 if x == "normal" else 1)
# 将数据集划分为训练集和测试集
X_train, X_test, y_train, y_test = train_test_split(df.drop("label", axis=1), df["label"], test_size=0.2)
# 创建SVM分类器对象设置核函数为rbf惩罚参数为1.0gamma参数为scale
svm_model = SVC(kernel="rbf", C=1.0, gamma="scale")
# 训练模型并预测测试集结果
svm_model.fit(X_train, y_train)
y_pred = svm_model.predict(X_test)
# 输出准确率和混淆矩阵等评估指标
from sklearn.metrics import accuracy_score, confusion_matrix
print("Accuracy:", accuracy_score(y_test, y_pred))
print("Confusion Matrix:\n", confusion_matrix(y_test, y_pred))
```
'''
'''
在这个示例中我们首先定义了Tranalyzer2的命令和特征提取命令并指定了输入pcap文件和输出binetflow文件的路径。然后我们使用os库调用系统命令来执行Tranalyzer2转换操作并将特征保存到json格式的文件中。
接下来我们使用pandas库将json文件中的特征数据读取为DataFrame格式并将标签列转换为数值类型0或1。然后我们使用train_test_split函数将数据集划分为训练集和测试集。
接着我们创建了一个SVM分类器对象并设置核函数为rbf惩罚参数为1.0gamma参数为scale。然后我们使用fit方法训练模型并使用predict方法预测测试集结果。
最后,我们输出了准确率和混淆矩阵等评估指标。需要注意的是,在实际应用中,需要根据具体需求选择不同的特征提取选项和分类器模型,并对模型进行调参等操作以提高性能。
'''
#用Python写一个使用trannalyzer2来提取网络流量特征并使用这些特征来训练一个C4.5分类模型
"""
以下是一个简单的Python代码示例用于使用Tranalyzer2提取网络流量特征并使用这些特征来训练一个C4.5分类模型:
```python
import os
import json
import pandas as pd
from sklearn.tree import DecisionTreeClassifier
from sklearn.model_selection import train_test_split
# 定义Tranalyzer2命令和特征提取命令
tranalyzer_cmd = "tranalyzer2 -r {} -w {} -t"
feature_cmd = "tranalyzer2 -r {} --bidir --tcp --protoid --statsonly --export json"
# 定义pcap文件路径和输出文件路径
pcap_file = "capture.pcap"
binetflow_file = "capture.binetflow"
# 转换pcap文件为binetflow格式
os.system(tranalyzer_cmd.format(pcap_file, binetflow_file))
# 提取特征并保存到json文件中
os.system(feature_cmd.format(binetflow_file) + " > features.json")
# 读取json文件中的特征数据并转换为DataFrame格式
with open("features.json", "r") as f:
data = json.load(f)
df = pd.DataFrame(data)
# 将标签列转换为数值类型0或1
df["label"] = df["label"].apply(lambda x: 0 if x == "normal" else 1)
# 将数据集划分为训练集和测试集
X_train, X_test, y_train, y_test = train_test_split(df.drop("label", axis=1), df["label"], test_size=0.2)
# 创建C4.5分类器对象设置最大深度为3信息增益阈值为0.1最小样本数为10个样本点。
c45_model = DecisionTreeClassifier(criterion="entropy", max_depth=3, min_samples_leaf=10)
# 训练模型并预测测试集结果
c45_model.fit(X_train, y_train)
y_pred = c45_model.predict(X_test)
# 输出准确率和混淆矩阵等评估指标
from sklearn.metrics import accuracy_score, confusion_matrix
print("Accuracy:",accuracy_score(y_test, y_pred))
print("Confusion Matrix:\n", confusion_matrix(y_test, y_pred))
```
在这个示例中我们首先定义了Tranalyzer2的命令和特征提取命令并指定了输入pcap文件和输出binetflow文件的路径。然后我们使用os库调用系统命令来执行Tranalyzer2转换操作并将特征保存到json格式的文件中。
接下来我们使用pandas库将json文件中的特征数据读取为DataFrame格式并将标签列转换为数值类型0或1。然后我们使用train_test_split函数将数据集划分为训练集和测试集。
接着我们创建了一个C4.5分类器对象并设置最大深度为3信息增益阈值为0.1最小样本数为10个样本点。然后我们使用fit方法训练模型并使用predict方法预测测试集结果。
最后,我们输出了准确率和混淆矩阵等评估指标。需要注意的是,在实际应用中,需要根据具体需求选择不同的特征提取选项和分类器模型,并对模型进行调参等操作以提高性能。
"""
#
'''
以下是一个简单的Python代码示例用于使用Tranalyzer2提取网络流量特征并使用这些特征来训练一个Random Forest分类模型
```python
import os
import json
import pandas as pd
from sklearn.ensemble import RandomForestClassifier
from sklearn.model_selection import train_test_split
# 定义Tranalyzer2命令和特征提取命令
tranalyzer_cmd = "tranalyzer2 -r {} -w {} -t"
feature_cmd = "tranalyzer2 -r {} --bidir --tcp --protoid --statsonly --export json"
# 定义pcap文件路径和输出文件路径
pcap_file = "capture.pcap"
binetflow_file = "capture.binetflow"
# 转换pcap文件为binetflow格式
os.system(tranalyzer_cmd.format(pcap_file, binetflow_file))
# 提取特征并保存到json文件中
os.system(feature_cmd.format(binetflow_file) + " > features.json")
# 读取json文件中的特征数据并转换为DataFrame格式
with open("features.json", "r") as f:
data = json.load(f)
df = pd.DataFrame(data)
# 将标签列转换为数值类型0或1
df["label"] = df["label"].apply(lambda x: 0 if x == "normal" else 1)
# 将数据集划分为训练集和测试集
X_train, X_test, y_train, y_test = train_test_split(df.drop("label", axis=1), df["label"], test_size=0.2)
# 创建Random Forest分类器对象设置树的数量为100最大深度为10信息增益阈值为0.1。
rf_model = RandomForestClassifier(n_estimators=100, max_depth=10, criterion="entropy", min_samples_leaf=10)
# 训练模型并预测测试集结果
rf_model.fit(X_train, y_train)
y_pred = rf_model.predict(X_test)
# 输出准确率和混淆矩阵等评估指标
from sklearn.metrics import accuracy_score, confusion_matrix
print("Accuracy:", accuracy_score(y_test, y_pred))
print("Confusion Matrix:\n", confusion_matrix(y_test, y_pred))
```
'''
'''
在这个示例中我们首先定义了Tranalyzer2的命令和特征提取命令并指定了输入pcap文件和输出binetflow文件的路径。然后我们使用os库调用系统命令来执行Tranalyzer2转换操作并将特征保存到json格式的文件中。
接下来我们使用pandas库将json文件中的特征数据读取为DataFrame格式并将标签列转换为数值类型0或1。然后我们使用train_test_split函数将数据集划分为训练集和测试集。
接着我们创建了一个Random Forest分类器对象并设置树的数量为100最大深度为10信息增益阈值为0.1。然后我们使用fit方法训练模型并使用predict方法预测测试集结果。
最后,我们输出了准确率和混淆矩阵等评估指标。需要注意的是,在实际应用中,需要根据具体需求选择不同的特征提取选项和分类器模型,并对模型进行调参等操作以提高性能。
'''
#以下是一个简单的Python代码示例用于使用Tranalyzer2提取网络流量特征并使用这些特征来训练一个XGBoost分类模型
'''
```python
import os
import json
import pandas as pd
import xgboost as xgb
from sklearn.model_selection import train_test_split
# 定义Tranalyzer2命令和特征提取命令
tranalyzer_cmd = "tranalyzer2 -r {} -w {} -t"
feature_cmd = "tranalyzer2 -r {} --bidir --tcp --protoid --statsonly --export json"
# 定义pcap文件路径和输出文件路径
pcap_file = "capture.pcap"
binetflow_file = "capture.binetflow"
# 转换pcap文件为binetflow格式
os.system(tranalyzer_cmd.format(pcap_file, binetflow_file))
# 提取特征并保存到json文件中
os.system(feature_cmd.format(binetflow_file) + " > features.json")
# 读取json文件中的特征数据并转换为DataFrame格式
with open("features.json", "r") as f:
data = json.load(f)
df = pd.DataFrame(data)
# 将标签列转换为数值类型0或1
df["label"] = df["label"].apply(lambda x: 0 if x == "normal" else 1)
# 将数据集划分为训练集和测试集
X_train, X_test, y_train, y_test = train_test_split(df.drop("label", axis=1), df["label"], test_size=0.2)
# 创建XGBoost分类器对象设置树的数量为100最大深度为10学习率为0.1。
xgb_model = xgb.XGBClassifier(n_estimators=100, max_depth=10, learning_rate=0.1)
# 训练模型并预测测试集结果
xgb_model.fit(X_train, y_train)
y_pred = xgb_model.predict(X_test)
# 输出准确率和混淆矩阵等评估指标
from sklearn.metrics import accuracy_score, confusion_matrix
print("Accuracy:", accuracy_score(y_test, y_pred
继续
))
print("Confusion Matrix:\n", confusion_matrix(y_test, y_pred))
```
'''
'''
在这个示例中我们首先定义了Tranalyzer2的命令和特征提取命令并指定了输入pcap文件和输出binetflow文件的路径。然后我们使用os库调用系统命令来执行Tranalyzer2转换操作并将特征保存到json格式的文件中。
接下来我们使用pandas库将json文件中的特征数据读取为DataFrame格式并将标签列转换为数值类型0或1。然后我们使用train_test_split函数将数据集划分为训练集和测试集。
接着我们创建了一个XGBoost分类器对象并设置树的数量为100最大深度为10学习率为0.1。然后我们使用fit方法训练模型并使用predict方法预测测试集结果。
最后,我们输出了准确率和混淆矩阵等评估指标。需要注意的是,在实际应用中,需要根据具体需求选择不同的特征提取选项和分类器模型,并对模型进行调参等操作以提高性能。
'''

0
features.json Normal file
View File

32
merge_pcap.py Normal file
View File

@@ -0,0 +1,32 @@
# Name:fang xiaoyu
# Time: 2023/3/11 11:40
import os
import dpkt
import pcapy
# 指定要合并的文件夹路径和合并后的文件名
folder_path = "/path/to/folder"
merged_file = "merged.pcap"
# 获取文件夹内所有的pcap文件
pcap_files = [f for f in os.listdir(folder_path) if f.endswith('.pcap')]
# 打开第一个pcap文件读取第一个数据包的时间戳
reader = pcapy.open_offline(os.path.join(folder_path, pcap_files[0]))
pcap = dpkt.pcap.Reader(reader)
_, ts = next(pcap)
# 创建一个新的pcap文件并写入第一个数据包
writer = dpkt.pcap.Writer(open(merged_file, 'wb'))
writer.writepkt(_, ts)
# 依次读取每个pcap文件的数据包并写入到新的pcap文件中
for pcap_file in pcap_files:
reader = pcapy.open_offline(os.path.join(folder_path, pcap_file))
pcap = dpkt.pcap.Reader(reader)
for ts, buf in pcap:
writer.writepkt(buf, ts)
# 关闭文件句柄
writer.close()

1
output.csv Normal file
View File

@@ -0,0 +1 @@
src_ip,dst_ip,src_port,dst_port,proto,num_packets,bytes,duration,timestamp_start,timestamp_end,flags
1 src_ip dst_ip src_port dst_port proto num_packets bytes duration timestamp_start timestamp_end flags

7885
sufshark_openvpn_tcp+youdao_header.csv Normal file
View File

File diff suppressed because it is too large Load Diff

19
test.py Normal file
View File

@@ -0,0 +1,19 @@
# Name:fang xiaoyu
# Time: 2023/3/9 22:07
import pickle
from utils.utils import *
path = "ScenarioA.pkl"
f = open(path , 'rb')
data = pickle.load(f)
print(len(data))
# import pickle as pkl
# f = open('ScenarioA.pkl', 'rb')
# b = pkl.load(f)
# b = list(b)
# b = np.array(b)
# print(b)

48
test2.py Normal file
View File

@@ -0,0 +1,48 @@
# Name:fang xiaoyu
# Time: 2023/3/10 09:17
import os
import json
import pandas as pd
from sklearn.neighbors import KNeighborsClassifier
from sklearn.model_selection import train_test_split
# 定义Tranalyzer2命令和特征提取命令
tranalyzer_cmd = "t2 -r {} -w {} -t"
feature_cmd = "t2 -r {} --bidir --tcp --protoid --statsonly --export json"
# 定义pcap文件路径和输出文件路径
pcap_file = "20230309_fxy_psiphon_operation.pcapng"
binetflow_file = "capture.binetflow"
# 转换pcap文件为binetflow格式
os.system(tranalyzer_cmd.format(pcap_file, binetflow_file))
# 提取特征并保存到json文件中
os.system(feature_cmd.format(binetflow_file) + " > features.json")
# 读取json文件中的特征数据并转换为DataFrame格式
with open("features.json", "r") as f:
data = json.load(f)
df = pd.DataFrame(data)
# 将标签列转换为数值类型0或1
df["label"] = df["label"].apply(lambda x: 0 if x == "normal" else 1)
# 将数据集划分为训练集和测试集
X_train, X_test, y_train, y_test = train_test_split(df.drop("label", axis=1), df["label"], test_size=0.2)
# 创建KNN分类器对象设置邻居数量为5
knn_model = KNeighborsClassifier(n_neighbors=5)
# 训练模型并预测测试集结果
knn_model.fit(X_train, y_train)
y_pred = knn_model.predict(X_test)
# 输出准确率和混淆矩阵等评估指标
from sklearn.metrics import accuracy_score, confusion_matrix
print("Accuracy:", accuracy_score(y_test, y_pred))
print("Confusion Matrix:\n", confusion_matrix(y_test, y_pred))
#$ tranalyzer2 -r sample.flow -w sample.features -t templates/plugins/ipfix-allfields.txt

91
test4.py Normal file
View File

@@ -0,0 +1,91 @@
# Name:fang xiaoyu
# Time: 2023/3/11 18:43
import numpy as np
import pandas as pd
import matplotlib.pyplot as plt
import dpkt
import socket
import struct
import binascii
from scapy.all import *
from sklearn.neighbors import KNeighborsClassifier
from sklearn.model_selection import cross_val_score
#import tshark
import scapy
# 从pcap文件中读取流量数据
def read_pcap(filename):
packets = rdpcap(filename)
flows = {}
for packet in packets:
if packet.haslayer(TCP):
src_ip = packet[IP].src
dst_ip = packet[IP].dst
src_port = packet[TCP].sport
dst_port = packet[TCP].dport
key = (src_ip, dst_ip, src_port, dst_port)
if key not in flows:
flows[key] = [packet]
else:
flows[key].append(packet)
return flows
# 提取流量数据的特征
def extract_features(flow):
features = []
total_len = 0
total_pkts = len(flow)
start_time = flow[0].time
end_time = flow[-1].time
for packet in flow:
total_len += len(packet)
duration = end_time - start_time
features.append(total_len)
features.append(total_pkts)
features.append(duration)
return features
# 将特征向量转换为numpy数组
def vectorize_data(data):
return np.array(data)
# 读取VPN和non-VPN流量数据
vpn_traffic = read_pcap('vpn_traffic.pcap')
nonvpn_traffic = read_pcap('nonvpn_traffic.pcap')
# 提取VPN和non-VPN流量的特征
vpn_traffic = [extract_features(flow) for flow in vpn_traffic.values()]
nonvpn_traffic = [extract_features(flow) for flow in nonvpn_traffic.values()]
# 将VPN和non-VPN流量数据转换为numpy数组
vpn_traffic = vectorize_data(vpn_traffic)
nonvpn_traffic = vectorize_data(nonvpn_traffic)
# 将VPN和non-VPN流量数据合并
X = np.concatenate((vpn_traffic, nonvpn_traffic))
y = np.concatenate((np.ones(len(vpn_traffic)), np.zeros(len(nonvpn_traffic))))
# 使用交叉验证选择最佳的K值
cv_scores = []
for k in range(1, 31):
knn = KNeighborsClassifier(n_neighbors=k)
scores = cross_val_score(knn, X, y, cv=5, scoring='accuracy')
cv_scores.append(scores.mean())
# 可视化交叉验证结果
plt.plot(range(1, 31), cv_scores)
plt.xlabel('K')
plt.ylabel('Accuracy')
plt.show()
# 使用最佳的K值进行模型训练和预测
best_k = np.argmax(cv_scores) + 1
knn = KNeighborsClassifier(n_neighbors=best_k)
knn.fit(X, y)
# 对新数据进行预测
new_data = read_pcap('new_traffic.pcap')
new_data = [extract_features(flow) for flow in new_data.values()]
new_data = vectorize_data(new_data)
prediction = knn.predict(new_data)
print(prediction)

167
test_2.py Normal file
View File

@@ -0,0 +1,167 @@
# # Name:fang xiaoyu
# # Time: 2023/3/10 23:53
# # 导入所需库
# import pandas as pd
# from sklearn.neighbors import KNeighborsClassifier
# from sklearn.model_selection import train_test_split
# from subprocess import run
#
# # 使用Tranalyzer2分析PCAP文件并提取TCP流量特征
# def extract_features(pcap_file):
# # 定义Tranalyzer2命令行参数
# tranalyzer_args = [
# "t2build", "-x", "tcp", "--no-tests", "--no-progress",
# "--tcp-fields", "sip dip sport dport tcp_flags tcp_flags_str bytes",
# "--histo", "sip dip sport dport", "--top", "sip dip sport dport bytes",
# "--both-ways", "--export", "csv", "-w", "-"
# ]
# # 运行Tranalyzer2命令行并将结果保存为CSV文件
# result = run(["sudo", "tshark", "-r", pcap_file, "-w", "-", "-F", "pcapng", "-Y", "tcp"],
# stdout=PIPE, check=True)
# result = run(["sudo", "tranalyzer2", "-r", "-", *tranalyzer_args], input=result.stdout, stdout=PIPE, check=True)
# result_csv = result.stdout.decode()
# # 解析CSV文件并返回特征数据框
# features_df = pd.read_csv(pd.compat.StringIO(result_csv))
# return features_df
#
# # 加载训练数据集,并提取特征
# train_pcap = "20230309_fxy_psiphon_operation.pcapng"
# train_labels = pd.read_csv("/path/to/train_labels.csv")
# train_features = extract_features(train_pcap)
#
# # 将标签与特征合并为单个数据框
# train_data = pd.merge(train_features, train_labels, on="flow_key")
#
# # 分割数据集为训练集和测试集
# X_train, X_test, y_train, y_test = train_test_split(train_data.drop(["flow_key", "label"], axis=1), train_data["label"], test_size=0.3)
#
# # 训练KNN模型
# knn = KNeighborsClassifier(n_neighbors=5)
# knn.fit(X_train, y_train)
#
# # 在测试集上评估模型性能
# accuracy = knn.score(X_test, y_test)
# print("Accuracy:", accuracy)
#
#
'''
import subprocess
import pandas as pd
import numpy as np
from sklearn.model_selection import train_test_split
from sklearn.preprocessing import LabelEncoder
from sklearn.neighbors import KNeighborsClassifier
from sklearn.metrics import accuracy_score
# Step 1: Install Tranalyzer2 and required Python modules
# Step 2: Extract features using Tranalyzer2
pcap_file = '20230309_fxy_psiphon_operation.pcapng'
output_file = 'output.csv'
command = f'sudo t2 -r {pcap_file} -w {output_file} -c basic'
subprocess.call(command, shell=True)
# Step 3: Load features into a Pandas dataframe and convert to NumPy array
data = pd.read_csv(output_file)
features = np.array(data)
# Step 4: Prepare the dataset
X = features[:, :-1]
y = features[:, -1]
le = LabelEncoder()
y = le.fit_transform(y)
X_train, X_test, y_train, y_test = train_test_split(X, y, test_size=0.3)
# Step 5: Train the KNN model
knn = KNeighborsClassifier(n_neighbors=5)
knn.fit(X_train, y_train)
# Step 6: Evaluate the model
y_pred = knn.predict(X_test)
accuracy = accuracy_score(y_test, y_pred)
print("Accuracy:", accuracy)
'''
import pandas as pd
import numpy as np
import os
import glob
import subprocess
from sklearn.model_selection import cross_val_score, train_test_split
from sklearn.svm import SVC
from sklearn.metrics import accuracy_score
# 提取流量特征
def extract_features(pcap_file):
# 运行tranalyzer2命令行工具
command = "t2 -r {pcap_file} -w {pcap_file}.csv -f features.csv"
subprocess.run(command, shell=True)
# 读取特征数据
features = pd.read_csv('features.csv', skiprows=6, header=None, delimiter=';', index_col=0)
# 删除无用列
features.drop([1, 2, 3, 4, 5], axis=1, inplace=True)
# 重命名列名
features.columns = ['duration', 'protocol', 'src_ip', 'src_port', 'dst_ip', 'dst_port', 'packets', 'bytes', 'flows',
'flags', 'tos', 'class']
# 删除class列因为我们不需要使用它
features.drop(['class'], axis=1, inplace=True)
return features
# 获取所有pcap文件
# pcap_files = []
# for file in os.listdir('.'):
# if file.endswith('.pcap'):
# pcap_files.append(file)
folder_path = "wcx-抓包-用于模型复现"
pcap_files = []
for file in glob.glob(os.path.join(folder_path, "*.pcap")):
pcap_files.append(file)
# 提取所有pcap文件的特征
features_list = []
for pcap_file in pcap_files:
features = extract_features(pcap_file)
features_list.append(features)
# 将所有特征合并成一个DataFrame
all_features = pd.concat(features_list)
# 标准化特征数据
mean = all_features.mean()
std = all_features.std()
normalized_features = (all_features - mean) / std
# 将标准化后的特征数据和SVM模型拟合
X_train, X_test, y_train, y_test = train_test_split(normalized_features.values, np.zeros(len(normalized_features)),
test_size=0.2, random_state=42)
clf = SVC()
# 使用交叉验证来评估模型性能
scores = cross_val_score(clf, X_train, y_train, cv=5)
print(f"Cross Validation Scores: {scores}")
print(f"Mean Score: {np.mean(scores)}")
print(f"Std Score: {np.std(scores)}")
# 在测试集上测试并计算准确率
clf.fit(X_train, y_train)
y_pred = clf.predict(X_test)
accuracy = accuracy_score(y_test, y_pred)
print(f"Accuracy: {accuracy}")

10
test_3.py Normal file
View File

@@ -0,0 +1,10 @@
# Name:fang xiaoyu
# Time: 2023/3/11 11:31
import os
import glob
folder_path = "wcx-抓包-用于模型复现"
pcap_files = []
for file in glob.glob(os.path.join(folder_path, "*.pcap")):
pcap_files.append(file)
print(pcap_files)

233
test_5.py Normal file
View File

@@ -0,0 +1,233 @@
# Name:fang xiaoyu
# Time: 2023/3/11 20:10
'''
import cicflowmeter
from scapy.all import *
import requests
#import pypcap
import scipy
cfm = cicflowmeter.CFM()
# 读取pcap文件
packets = rdpcap('/Users/fangxiaoyu/Desktop/VPN及其流量识别研究/抓包分析/wcx-抓包-用于模型复现/TorGuard_openvpnOverSSL.pcap')
print(packets)
for ts, pkt in packets:
cfm.flow_handler(pkt)
result = cfm.get_result()
'''
'''
from cicflowmeter.flow import Flow
#from cicflowmeter.pcapy_reader import PcapyReader
from scapy.all import *
import csv
# 定义pcap文件路径
pcap_file = 'sample.pcap'
# 创建PcapyReader对象
pcap = rdpcap('20230309_fxy_psiphon_operation.pcapng')
# 定义输出CSV文件路径
output_file = 'output.csv'
# 创建CSV文件对象并定义列名
csv_file = open(output_file, 'w', newline='')
csv_writer = csv.writer(csv_file)
csv_writer.writerow(['src_ip', 'dst_ip', 'src_port', 'dst_port', 'proto', 'num_packets', 'bytes', 'duration', 'timestamp_start', 'timestamp_end', 'flags'])
# 循环遍历每个数据包并提取流特征并将特征写入CSV文件
for pkt in pcap:
flow = Flow(pkt, direction='B2A')
features = flow.features()
csv_writer.writerow([features['src_ip'], features['dst_ip'], features['src_port'], features['dst_port'], features['proto'], features['num_packets'], features['bytes'], features['duration'], features['timestamp_start'], features['timestamp_end'], features['flags']])
# 关闭CSV文件
csv_file.close()
'''
from datetime import datetime
from pathlib import Path
from cicflowmeter.flow import Flow
#from cicflowmeter.reader import Reader
from scapy.all import *
import csv
# 设置输入文件路径
# 创建PcapyReader对象
pcap = rdpcap('20230309_fxy_psiphon_operation.pcapng')
# 设置输出文件路径
output_file_path = "output.csv"
# 创建CSV输出文件
with open(output_file_path, mode='w', newline='') as output_file:
writer = csv.writer(output_file)
# 写入标题行
writer.writerow(
['src_ip', 'dst_ip', 'src_port', 'dst_port', 'proto', 'num_packets', 'bytes', 'duration', 'timestamp_start',
'timestamp_end', 'flags'])
# 打开pcap文件并逐个处理数据包
#with Reader(input_file_path) as reader:
for pkt in pcap:
# 仅处理IP数据包
if pkt.haslayer('IP'):
# 创建Flow对象
flow = Flow(pkt,direction='B2A')
# 获取特征值列表
feature_values = flow.get_features()
# 将特征值列表写入CSV文件
writer.writerow(feature_values)
'''
from scapy.all import *
# 读取pcap文件
packets = rdpcap('/Users/fangxiaoyu/Desktop/VPN及其流量识别研究/抓包分析/wcx-抓包-用于模型复现/TorGuard_openvpnOverSSL.pcap')
# 定义字典存储特征
features = {}
# 统计每个协议的数据包数量
protocols = {}
for pkt in packets:
if pkt.haslayer(IP):
protocol = pkt[IP].proto
if protocol not in protocols:
protocols[protocol] = 0
protocols[protocol] += 1
for p in protocols:
features['protocol_{}'.format(p)] = protocols[p]
# 统计每个源IP地址的数据包数量和大小
src_ips = {}
for pkt in packets:
if pkt.haslayer(IP):
src_ip = pkt[IP].src
if src_ip not in src_ips:
src_ips[src_ip] = {'count': 0, 'size': 0}
src_ips[src_ip]['count'] += 1
src_ips[src_ip]['size'] += len(pkt)
for ip in src_ips:
features['src_ip_{}_count'.format(ip)] = src_ips[ip]['count']
features['src_ip_{}_size'.format(ip)] = src_ips[ip]['size']
# 统计每个目的IP地址的数据包数量和大小
dst_ips = {}
for pkt in packets:
if pkt.haslayer(IP):
dst_ip = pkt[IP].dst
if dst_ip not in dst_ips:
dst_ips[dst_ip] = {'count': 0, 'size': 0}
dst_ips[dst_ip]['count'] += 1
dst_ips[dst_ip]['size'] += len(pkt)
for ip in dst_ips:
features['dst_ip_{}_count'.format(ip)] = dst_ips[ip]['count']
features['dst_ip_{}_size'.format(ip)] = dst_ips[ip]['size']
# 输出特征
print(features)
'''
'''
from scapy.all import *
# 读取pcap文件
pcap = rdpcap('/Users/fangxiaoyu/Desktop/VPN及其流量识别研究/抓包分析/wcx-抓包-用于模型复现/TorGuard_openvpnOverSSL.pcap')
# 遍历数据包,提取流量特征
for pkt in pcap:
# 数据包大小
pkt_size = len(pkt)
# IP地址
if IP in pkt:
src_ip = pkt[IP].src
dst_ip = pkt[IP].dst
# 协议类型
if TCP in pkt:
protocol = 'TCP'
elif UDP in pkt:
protocol = 'UDP'
elif ICMP in pkt:
protocol = 'ICMP'
else:
protocol = 'Other'
# 端口号
if TCP in pkt:
src_port = pkt[TCP].sport
dst_port = pkt[TCP].dport
elif UDP in pkt:
src_port = pkt[UDP].sport
dst_port = pkt[UDP].dport
else:
src_port = 0
dst_port = 0
# 输出流量特征
print(
'Packet Size: {}, Source IP: {}, Destination IP: {}, Protocol: {}, Source Port: {}, Destination Port: {}'.format(
pkt_size, src_ip, dst_ip, protocol, src_port, dst_port))
'''
'''
from scapy.all import *
import collections
# 读取pcap文件
packets = rdpcap('/Users/fangxiaoyu/Desktop/VPN及其流量识别研究/抓包分析/wcx-抓包-用于模型复现/TorGuard_openvpnOverSSL.pcap')
# 计算数据包总数
total_packets = len(packets)
print("Total packets:", total_packets)
# 计算不同协议类型的数据包数量
protocols = collections.Counter([packet[IP].proto for packet in packets])
print("Protocol counts:", protocols)
# 查找源IP地址和目的IP地址
for packet in packets:
if IP in packet:
src_ip = packet[IP].src
dst_ip = packet[IP].dst
print("Source IP:", src_ip)
print("Destination IP:", dst_ip)
# 查找源MAC地址和目的MAC地址
for packet in packets:
if Ether in packet:
src_mac = packet[Ether].src
dst_mac = packet[Ether].dst
print("Source MAC:", src_mac)
print("Destination MAC:", dst_mac)
# 查找源端口号和目的端口号
for packet in packets:
if TCP in packet:
src_port = packet[TCP].sport
dst_port = packet[TCP].dport
print("Source port:", src_port)
print("Destination port:", dst_port)
# 计算数据包的平均大小
total_size = sum(len(packet) for packet in packets)
avg_size = total_size / total_packets
print("Average packet size:", avg_size)
# 查找HTTP请求
for packet in packets:
if TCP in packet and packet[TCP].dport == 80 and packet.haslayer(Raw):
http_request = packet[Raw].load.decode()
print("HTTP request:", http_request)
'''
import flowcontainer
import cicflowmeter

6
test_cicflowmeter.py Normal file
View File

@@ -0,0 +1,6 @@
# Name:fang xiaoyu
# Time: 2023/3/15 16:00
import cicflowmeter
cicflowmeter

BIN
wcx-抓包-用于模型复现/.DS_Store vendored Normal file
View File

Binary file not shown.

BIN
wcx-抓包-用于模型复现/HotSpotshieldVPN_纯净流量.pcap Normal file
View File

Binary file not shown.

BIN
wcx-抓包-用于模型复现/TorGuard_openvpnOverSSL.pcap Normal file
View File

Binary file not shown.

BIN
wcx-抓包-用于模型复现/croptstorm_https_纯净流量.pcap Normal file
View File

Binary file not shown.

BIN
wcx-抓包-用于模型复现/croptstorm_ssh_纯净流量.pcap Normal file
View File

Binary file not shown.

BIN
wcx-抓包-用于模型复现/psiphonz纯净流量.pcap Normal file
View File

Binary file not shown.

BIN
wcx-抓包-用于模型复现/sufshark_openvpn_tcp.pcap Normal file
View File

Binary file not shown.

77
wcx-抓包-用于模型复现/sufshark_t2.txt_flows.txt Normal file
View File

@@ -0,0 +1,77 @@
%dir flowInd flowStat timeFirst timeLast duration numHdrDesc numHdrs hdrDesc srcMac dstMac ethType ethVlanID srcIP srcIPCC srcIPOrg srcPort dstIP dstIPCC dstIPOrg dstPort l4Proto macStat macPairs srcMac_dstMac_numP srcMacLbl_dstMacLbl dstPortClassN dstPortClass numPktsSnt numPktsRcvd numBytesSnt numBytesRcvd minPktSz maxPktSz avePktSize stdPktSize minIAT maxIAT aveIAT stdIAT pktps bytps pktAsm bytAsm tcpFStat ipMindIPID ipMaxdIPID ipMinTTL ipMaxTTL ipTTLChg ipToS ipFlags ipOptCnt ipOptCpCl_Num ip6OptCntHH_D ip6OptHH_D tcpISeqN tcpPSeqCnt tcpSeqSntBytes tcpSeqFaultCnt tcpPAckCnt tcpFlwLssAckRcvdBytes tcpAckFaultCnt tcpBFlgtMx tcpInitWinSz tcpAveWinSz tcpMinWinSz tcpMaxWinSz tcpWinSzDwnCnt tcpWinSzUpCnt tcpWinSzChgDirCnt tcpWinSzThRt tcpFlags tcpAnomaly tcpOptPktCnt tcpOptCnt tcpOptions tcpMSS tcpWS tcpMPTBF tcpMPF tcpMPAID tcpMPDSSF tcpTmS tcpTmER tcpEcI tcpUtm tcpBtm tcpSSASAATrip tcpRTTAckTripMin tcpRTTAckTripMax tcpRTTAckTripAve tcpRTTAckTripJitAve tcpRTTSseqAA tcpRTTAckJitAve tcpStatesAFlags icmpStat icmpTCcnt icmpBFTypH_TypL_Code icmpTmGtw icmpEchoSuccRatio icmpPFindex connSip connDip connSipDip connSipDprt connF
A 5 0x0400000000004000 1678438540.671385 1678438541.327656 0.656271 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60584 104.18.24.203 us "Cloudflare" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_8 IntelCorp,MY_- 443 https 8 9 436 3154 0 181 54.5 64.1263 0 0.466433 0.08203387 0.1366479 12.19009 664.3597 -0.05882353 -0.7571031 0x0a11 1 1 128 128 0 0x00 0x0c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 2150689346 7 436 0 7 3155 0 181 64240 125269.3 64240 131072 2 1 3 0 0x011b 0x0000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.063109 0.057313 0.466253 0.1553089 0.1551459 0.063237 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 9 1 2 46 5.111111
B 5 0x0400000000004001 1678438540.734494 1678438541.385360 0.650866 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 104.18.24.203 us "Cloudflare" 443 192.168.58.75 07 "Private network" 60584 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_9 -_IntelCorp,MY 443 https 9 8 3154 436 0 1300 350.4445 438.1845 0 0.36255 0.07231844 0.1000702 13.82773 4845.852 0.05882353 0.7571031 0x0a11 1 56030 54 54 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 1132434305 9 3154 0 9 436 0 2551 64240 65461.29 64240 65536 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 8192 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.000128 8.6e-05 0.001494 0.000680875 0.0005002746 0.1559898 0.1551467 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 9 1 45 45
A 7 0x0400000000004000 1678438541.005057 1678438542.449668 1.444611 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60585 104.18.121.34 us "Cloudflare" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_9 IntelCorp,MY_- 443 https 9 10 1410 3976 0 1131 156.6667 323.5014 0 1.009822 0.1605123 0.2387844 6.230051 976.0413 -0.05263158 -0.4764203 0x0a11 1 1 128 128 0 0x00 0x0c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 3597570128 7 1410 0 7 3977 0 1131 64240 125008.2 64240 131072 2 1 3 0 0x011b 0x0001 2 12 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0 0.055063 0.192008 0.0849475 0.03365954 0.000218 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 8 1 28 44 5.5
B 7 0x0400000000004001 1678438542.206887 1678438542.504731 0.297844 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 104.18.121.34 us "Cloudflare" 443 192.168.58.75 07 "Private network" 60585 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_10 -_IntelCorp,MY 443 https 10 9 3976 1410 0 1300 397.6 443.9756 0 0.099428 0.0297844 0.03162438 33.57462 13349.27 0.05263158 0.4764203 0x0a11 1 56724 54 54 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 1713366050 10 3976 0 10 1410 0 2915 64240 65483.7 64240 65536 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 8192 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.000218 0.000218 0.007719 0.002232889 0.002696692 0.08718039 0.03376739 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 8 27 43 43
A 9 0x0400000000004000 1678438542.715183 1678438542.947468 0.232285 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60587 104.18.121.34 us "Cloudflare" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_7 IntelCorp,MY_- 443 https 7 7 1795 495 0 1300 256.4286 387.302 0 0.110501 0.03318357 0.03569319 30.1354 7727.576 0 0.5676856 0x0a11 1 1 128 128 0 0x00 0x2c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 910259668 6 1795 0 6 496 0 1424 64240 122948.2 64240 131072 1 1 2 0 0x011b 0x0000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.060424 0.055994 0.110257 0.07261272 0.02154457 0.060494 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 8 1 26 42 5.25
B 9 0x0400000000004001 1678438542.775607 1678438543.003462 0.227855 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 104.18.121.34 us "Cloudflare" 443 192.168.58.75 07 "Private network" 60587 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_7 -_IntelCorp,MY 443 https 7 7 495 1795 0 380 70.71429 118.0025 0 0.058111 0.03255071 0.02319957 30.72129 2172.434 0 -0.5676856 0x0a11 1 34966 54 54 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 2580614045 7 495 0 7 1795 0 380 64240 65383.53 64240 65536 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 8192 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 7e-05 7e-05 0.002117 0.0006821429 0.0006235491 0.07329486 0.02155359 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 8 25 41 41
A 18 0x0400000000004000 1678438543.088988 1678438543.734788 0.645800 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60591 18.156.144.91 us "Amazon Technologies Inc" 80 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_3 IntelCorp,MY_- 80 http 3 4 0 7 0 0 0 0 0 0.347355 0.2152667 0.1111793 4.645401 0 -0.1428571 -1 0x0a11 3 4 128 128 0 0x00 0x0c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 3963626404 2 0 0 2 8 0 0 64240 98324.32 64240 131072 0 1 1 0 0x0113 0x3000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.346411 0.263105 0.346411 0.301331 0.02403587 0.347355 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 8 1 14 2 0.25
B 18 0x0400000000004001 1678438543.435399 1678438543.997893 0.562494 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 18.156.144.91 us "Amazon Technologies Inc" 80 192.168.58.75 07 "Private network" 60591 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_4 -_IntelCorp,MY 80 http 4 3 7 0 0 7 1.75 2.277989 0 0.298848 0.1406235 0.108841 7.111187 12.44458 0.1428571 1 0x0a11 1 33828 42 42 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 1452997980 4 7 0 4 0 0 7 26883 26965.12 26883 27008 0 1 1 0 0x031b 0x2000 1 6 0x0000001e 1300 128 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.000944 0.000541 0.000944 0.0008096667 0.0001551148 0.3021407 0.02403637 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 8 13 1 1
A 19 0x0400000000004000 1678438543.090599 1678438543.734809 0.644210 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60592 18.156.144.91 us "Amazon Technologies Inc" 8443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_3 IntelCorp,MY_- 8443 pcsync-https 3 4 0 9 0 0 0 0 0 0.345841 0.2147367 0.1108992 4.656867 0 -0.1428571 -1 0x0a11 3 4 128 128 0 0x00 0x0c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 44257417 2 0 0 2 10 0 0 64240 98324.32 64240 131072 0 1 1 0 0x0113 0x3000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.3448 0.263084 0.3448 0.3008745 0.023588 0.345841 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 8 1 12 2 0.25
B 19 0x0400000000004001 1678438543.435399 1678438543.997893 0.562494 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 18.156.144.91 us "Amazon Technologies Inc" 8443 192.168.58.75 07 "Private network" 60592 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_4 -_IntelCorp,MY 8443 pcsync-https 4 3 9 0 0 9 2.25 2.928844 0 0.298848 0.1406235 0.108841 7.111187 16.00017 0.1428571 1 0x0a11 1 55859 42 42 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 2775753545 4 9 0 4 0 0 9 26883 26965.12 26883 27008 0 1 1 0 0x031b 0x2000 1 6 0x0000001e 1300 128 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.001041 0.000562 0.001041 0.0008813333 0.0001843672 0.3017558 0.02358872 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 8 11 1 1
A 20 0x0400000000004000 1678438543.090604 1678438543.734780 0.644176 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60593 18.156.144.91 us "Amazon Technologies Inc" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_3 IntelCorp,MY_- 443 https 3 4 0 8 0 0 0 0 0 0.345358 0.2147253 0.1108898 4.657112 0 -0.1428571 -1 0x0a11 1 3 128 128 0 0x00 0x0c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 4276855191 2 0 0 2 9 0 0 64240 98324.32 64240 131072 0 1 1 0 0x0113 0x3000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.344795 0.251953 0.344795 0.2983295 0.02707363 0.345358 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 8 1 10 40 5
B 20 0x0400000000004001 1678438543.435399 1678438543.986733 0.551334 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 18.156.144.91 us "Amazon Technologies Inc" 443 192.168.58.75 07 "Private network" 60593 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_4 -_IntelCorp,MY 443 https 4 3 8 0 0 8 2 2.603416 0 0.298848 0.1378335 0.1065318 7.25513 14.51026 0.1428571 1 0x0a11 1 60093 42 42 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 1978569667 4 8 0 4 0 0 8 26883 26965.12 26883 27008 0 1 1 0 0x031b 0x2000 1 6 0x0000001e 1300 128 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.000563 0.000533 0.000563 0.000553 1.154699e-05 0.2988825 0.02707364 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 8 9 39 39
A 22 0x0400000000004000 1678438544.090576 1678438544.446932 0.356356 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60595 104.18.121.34 us "Cloudflare" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_7 IntelCorp,MY_- 443 https 7 7 1795 495 0 1300 256.4286 387.302 0 0.158675 0.050908 0.05091392 19.64328 5037.098 0 0.5676856 0x0a11 1 1 128 128 0 0x00 0x2c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 1976837696 6 1795 0 6 496 0 1424 64240 122948.2 64240 131072 1 1 2 0 0x011b 0x0000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.158433 0.057888 0.158433 0.09475029 0.03066983 0.158675 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 8 1 24 38 4.75
B 22 0x0400000000004001 1678438544.249009 1678438544.504820 0.255811 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 104.18.121.34 us "Cloudflare" 443 192.168.58.75 07 "Private network" 60595 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_7 -_IntelCorp,MY 443 https 7 7 495 1795 0 380 70.71429 118.0025 0 0.067935 0.03654443 0.02641513 27.36395 1935.022 0 -0.5676856 0x0a11 1 9131 54 54 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 4196101133 7 495 0 7 1795 0 380 64240 65383.53 64240 65536 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 8192 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.000242 0.000242 0.003362 0.001552 0.001161246 0.09630229 0.0306918 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 8 23 37 37
A 24 0x0400000000004000 1678438544.498209 1678438544.926028 0.427819 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60597 104.18.121.34 us "Cloudflare" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_6 IntelCorp,MY_- 443 https 6 10 1558 1681 0 1187 259.6667 378.9682 0 0.306473 0.07130316 0.09652266 14.02462 3641.727 -0.25 -0.03797468 0x0a11 1 4 128 128 0 0x00 0x0c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 590772724 5 1558 0 5 1682 0 1187 64240 119839.5 64240 131072 0 1 1 0 0x011b 0x0000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.056587 0.054003 0.305463 0.1849525 0.1112917 0.056837 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 8 1 22 36 4.5
B 24 0x0400000000004001 1678438544.554796 1678438544.980031 0.425235 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 104.18.121.34 us "Cloudflare" 443 192.168.58.75 07 "Private network" 60597 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_10 -_IntelCorp,MY 443 https 10 6 1681 1558 0 1300 168.1 341.9332 0 0.205701 0.0425235 0.05742804 23.51641 3953.108 0.25 0.03797468 0x0a11 1 23974 54 54 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 2786122804 10 1681 0 10 1558 0 1566 64240 65483.7 64240 65536 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 8192 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.00025 0.00025 0.003706 0.001621333 0.001240578 0.1865738 0.1112986 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 8 21 35 35
A 23 0x0400000000004000 1678438544.498209 1678438544.926045 0.427836 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60596 104.18.121.34 us "Cloudflare" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_7 IntelCorp,MY_- 443 https 7 10 2122 2298 0 1300 303.1429 388.628 0 0.301446 0.06111943 0.09222254 16.36141 4959.844 -0.1764706 -0.03981901 0x0a11 1 4 128 128 0 0x00 0x2c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 706159185 6 2122 0 6 2299 0 1751 64240 123209.3 64240 131072 0 1 1 0 0x011b 0x0000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.05928 0.05928 0.300588 0.1802012 0.1105553 0.059455 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 8 1 20 34 4.25
B 23 0x0400000000004001 1678438544.557489 1678438544.986486 0.428997 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 104.18.121.34 us "Cloudflare" 443 192.168.58.75 07 "Private network" 60596 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_10 -_IntelCorp,MY 443 https 10 7 2298 2122 0 1300 229.8 378.1159 0 0.241122 0.0428997 0.06412552 23.31019 5356.681 0.1764706 0.03981901 0x0a11 1 13761 54 54 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 3832647772 10 2298 0 10 2122 0 2183 64240 65483.7 64240 65536 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 8192 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.000175 0.000175 0.003424 0.001676571 0.001221098 0.1818778 0.110562 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 8 19 33 33
A 26 0x0400000000004000 1678438545.126087 1678438545.629019 0.502932 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60598 104.18.121.34 us "Cloudflare" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_6 IntelCorp,MY_- 443 https 6 9 1586 1451 0 1215 264.3333 387.6433 0 0.284749 0.083822 0.08625923 11.93004 3153.508 -0.2 0.04445176 0x0a11 1 15 128 128 0 0x00 0x0c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 3173169355 5 1586 0 5 1452 0 1215 64240 119839.5 64240 131072 0 1 1 0 0x011b 0x0000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.123596 0.055195 0.284336 0.1697037 0.09536102 0.123753 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 8 1 18 32 4
B 26 0x0400000000004001 1678438545.249683 1678438545.684214 0.434531 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 104.18.121.34 us "Cloudflare" 443 192.168.58.75 07 "Private network" 60598 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_9 -_IntelCorp,MY 443 https 9 6 1451 1586 0 1300 161.2222 362.8199 0 0.185399 0.04828122 0.05557825 20.71199 3339.232 0.2 -0.04445176 0x0a11 1 56634 54 54 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 14049914 9 1451 0 9 1586 0 1336 64240 65461.29 64240 65536 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 8192 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.000157 0.000157 0.034294 0.006473667 0.01139149 0.1761773 0.096039 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 8 17 31 31
A 25 0x0400000000004000 1678438545.126087 1678438545.629019 0.502932 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60599 104.18.121.34 us "Cloudflare" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_7 IntelCorp,MY_- 443 https 7 7 1795 495 0 1300 256.4286 387.302 0 0.306882 0.07184743 0.09304016 13.91838 3569.071 0 0.5676856 0x0a11 1 18 128 128 0 0x00 0x2c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 3119053712 6 1795 0 6 496 0 1424 64240 122948.2 64240 131072 1 1 2 0 0x011b 0x0000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.120159 0.052121 0.306644 0.136249 0.09884907 0.120329 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 8 1 16 30 3.75
B 25 0x0400000000004001 1678438545.246246 1678438545.684214 0.437968 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 104.18.121.34 us "Cloudflare" 443 192.168.58.75 07 "Private network" 60599 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_7 -_IntelCorp,MY 443 https 7 7 495 1795 0 380 70.71429 118.0025 0 0.246967 0.06256685 0.07196545 15.9829 1130.22 0 -0.5676856 0x0a11 1 22152 54 54 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 965130496 7 495 0 7 1795 0 380 64240 65383.53 64240 65536 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 8192 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.00017 0.00017 0.018521 0.003825143 0.005676229 0.1400741 0.0990119 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 8 15 29 29
A 28 0x0400000000004000 1678438545.134879 1678438545.674793 0.539914 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60601 104.18.121.34 us "Cloudflare" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_6 IntelCorp,MY_- 443 https 6 8 1562 1389 0 1191 260.3333 380.2063 0 0.341996 0.08998567 0.1050285 11.11288 2893.053 -0.1428571 0.0586242 0x0a11 1 20 128 128 0 0x00 0x0c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 3133257095 5 1562 0 5 1390 0 1191 64240 119839.5 64240 131072 0 1 1 0 0x011b 0x0000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.113621 0.05307 0.341878 0.176355 0.1177886 0.113792 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 8 1 14 28 3.5
B 28 0x0400000000004001 1678438545.248500 1678438545.736766 0.488266 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 104.18.121.34 us "Cloudflare" 443 192.168.58.75 07 "Private network" 60601 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_8 -_IntelCorp,MY 443 https 8 6 1389 1562 0 1240 173.625 363.0067 0 0.239772 0.06103325 0.07001008 16.38451 2844.761 0.1428571 -0.0586242 0x0a11 1 64177 54 54 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 3908520844 8 1389 0 8 1562 0 1274 64240 65429.27 64240 65536 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 8192 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.000171 0.000118 0.025695 0.005073167 0.008476242 0.1814282 0.1180932 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 8 13 27 27
A 27 0x0400000000004000 1678438545.126130 1678438545.685652 0.559522 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60600 104.18.121.34 us "Cloudflare" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_6 IntelCorp,MY_- 443 https 6 15 1571 7129 0 1200 261.8333 382.9936 0 0.360885 0.09325366 0.1132214 10.72344 2807.754 -0.4285714 -0.6388506 0x0a11 1 20 128 128 0 0x00 0x0c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 234773166 5 1571 0 5 7130 0 1200 64240 119839.5 64240 131072 0 1 1 0 0x011b 0x0000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.129368 0.063509 0.360639 0.2688299 0.1214907 0.129584 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 8 1 12 26 3.25
B 27 0x0400000000004001 1678438545.255498 1678438545.752258 0.496760 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 104.18.121.34 us "Cloudflare" 443 192.168.58.75 07 "Private network" 60600 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_15 -_IntelCorp,MY 443 https 15 6 7129 1571 0 1300 475.2667 547.9085 0 0.257573 0.03311734 0.06163195 30.19567 14350.99 0.4285714 0.6388506 0x0a11 1 33106 54 54 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 642794098 15 7129 0 15 1571 0 7014 64240 65527.21 64240 65536 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 8192 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.000216 0.000216 0.003528 0.001114 0.001019898 0.2699439 0.121495 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 8 11 25 25
A 34 0x0400000000004000 1678438545.675960 1678438545.885973 0.210013 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60606 104.18.121.34 us "Cloudflare" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_8 IntelCorp,MY_- 443 https 8 12 1825 4102 0 1300 228.125 370.2347 0 0.083209 0.02625163 0.02938896 38.09288 8689.938 -0.2 -0.3841741 0x0a11 1 4 128 128 0 0x00 0x2c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 375133525 7 1825 0 7 4103 0 1454 64240 125568.1 64240 131072 0 1 1 0 0x011b 0x0000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.060806 0.000185 0.082718 0.05933783 0.02698222 0.061112 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 8 1 10 24 3
B 34 0x0400000000004001 1678438545.736766 1678438545.942381 0.205615 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 104.18.121.34 us "Cloudflare" 443 192.168.58.75 07 "Private network" 60606 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_12 -_IntelCorp,MY 443 https 12 8 4102 1825 0 1300 341.8333 486.1904 0 0.062715 0.01713458 0.02247545 58.3615 19949.91 0.2 0.3841741 0x0a11 1 1768 54 54 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 1373350812 12 4102 0 12 1825 0 3953 64240 65510.38 64240 65536 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 8192 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.000306 0.000306 0.003415 0.0012425 0.001121137 0.06058033 0.0270055 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 8 9 23 23
A 29 0x0400000000004000 1678438545.135080 1678438546.063334 0.928254 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60602 104.18.121.34 us "Cloudflare" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_6 IntelCorp,MY_- 443 https 6 8 1557 1209 0 1186 259.5 378.6587 0 0.721036 0.154709 0.2286772 6.463748 1677.343 -0.1428571 0.1258135 0x0a11 1 40 128 128 0 0x00 0x0c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 1391787073 5 1557 0 5 1210 0 1186 64240 119317.3 64240 131072 1 1 2 0 0x011b 0x0000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.116267 0.056845 0.720934 0.3301695 0.2761069 0.116462 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 8 1 8 22 2.75
B 29 0x0400000000004001 1678438545.251347 1678438546.214962 0.963615 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 104.18.121.34 us "Cloudflare" 443 192.168.58.75 07 "Private network" 60602 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_8 -_IntelCorp,MY 443 https 8 6 1209 1557 0 1060 151.125 309.8497 0 0.623965 0.1204519 0.1791396 8.302071 1254.651 0.1428571 -0.1258135 0x0a11 1 38713 54 54 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 907775662 8 1209 0 8 1557 0 1094 64240 65429.27 64240 65536 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 8192 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.000195 0.000102 0.030043 0.005783333 0.009948266 0.3359528 0.2762861 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 8 7 21 21
A 36 0x0400000000004000 1678438562.121152 1678438562.409247 0.288095 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60608 104.18.121.34 us "Cloudflare" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_7 IntelCorp,MY_- 443 https 7 7 1795 495 0 1300 256.4286 387.302 0 0.12233 0.04115643 0.0417183 24.29754 6230.583 0 0.5676856 0x0a11 1 1 128 128 0 0x00 0x2c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 1427192076 6 1795 0 6 496 0 1424 64240 122948.2 64240 131072 1 1 2 0 0x011b 0x0000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.100033 0.056673 0.122011 0.08308142 0.02462088 0.10012 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 9 1 8 22 2.444444
B 36 0x0400000000004001 1678438562.221185 1678438562.471298 0.250113 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 104.18.121.34 us "Cloudflare" 443 192.168.58.75 07 "Private network" 60608 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_7 -_IntelCorp,MY 443 https 7 7 495 1795 0 380 70.71429 118.0025 0 0.065366 0.03573043 0.02573201 27.98735 1979.105 0 -0.5676856 0x0a11 1 52615 54 54 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 3018865306 7 495 0 7 1795 0 380 64240 65383.53 64240 65536 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 8192 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 8.7e-05 8.7e-05 0.003315 0.001106429 0.001020167 0.08418785 0.024642 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 9 7 21 21
A 12 0x0400000000004000 1678438542.912026 1678438648.262335 105.350309 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60589 52.232.209.85 us "Microsoft Corporation" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_11 IntelCorp,MY_- 443 https 11 14 1208 5717 0 598 109.8182 168.0854 0 75.01094 9.577302 20.72395 0.1044135 11.46651 -0.12 -0.6511191 0x0a11 1 5 128 128 0 0x00 0x0c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 1921833801 10 1208 0 10 5718 0 598 64240 89622.09 0 131072 3 1 4 0 0x041e 0x0000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.266281 0.264602 75.01041 11.45516 24.96668 0.26678 0 0x42 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 9 1 4 20 2.222222
B 12 0x0400000000004001 1678438543.178307 1678438623.300547 80.122240 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 52.232.209.85 us "Microsoft Corporation" 443 192.168.58.75 07 "Private network" 60589 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_14 -_IntelCorp,MY 443 https 14 11 5717 1208 0 1300 408.3571 493.3763 0 75.05939 5.723017 18.4808 0.174733 71.35347 0.12 0.6511191 0x0a11 1 52359 39 39 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 158438382 14 5717 0 14 1208 0 5057 64240 64509.36 64240 64512 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 1024 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.000499 0.000376 24.96179 2.287668 6.836562 13.74283 25.88578 0x02 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 9 3 19 19
A 13 0x0400000000004000 1678438542.912026 1678438648.263297 105.351271 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60590 52.232.209.85 us "Microsoft Corporation" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_10 IntelCorp,MY_- 443 https 10 14 1280 5708 0 670 128 190.221 0 75.01015 10.53513 21.76739 0.09492055 12.14983 -0.1666667 -0.6336577 0x0a11 1 5 128 128 0 0x00 0x0c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 649951714 9 1280 0 9 5709 0 670 64240 88825.92 0 131072 3 1 4 0 0x041e 0x0000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.266281 0.255916 75.00959 10.97921 25.14949 0.266642 0 0x42 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 9 1 2 18 2
B 13 0x0400000000004001 1678438543.178307 1678438619.828499 76.650192 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 52.232.209.85 us "Microsoft Corporation" 443 192.168.58.75 07 "Private network" 60590 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_14 -_IntelCorp,MY 443 https 14 10 5708 1280 0 1300 407.7143 493.5257 0 75.06441 5.475013 18.54427 0.1826479 74.46818 0.1666667 0.6336577 0x0a11 1 52858 40 40 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 979930531 14 5708 0 14 1280 0 5057 64240 64509.36 64240 64512 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 1024 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.000361 0.000361 28.4348 2.850353 8.090526 13.82956 26.41881 0x02 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 9 1 17 17
A 11 0x0400000000004000 1678438542.810151 1678438643.277813 100.467662 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60588 1.1.1.1 us "APNIC Research and Development" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_9 IntelCorp,MY_- 443 https 9 8 401 3634 0 155 44.55556 57.09469 0 99.96101 11.16307 29.37076 0.08958106 3.991334 0.05882353 -0.8012391 0x0a11 1 1 128 128 0 0x00 0x0c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 3908542269 8 401 0 8 3634 0 155 64240 126688.4 64240 131072 2 1 3 0 0x011b 0x0000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.055786 0.053239 0.222275 0.0758505 0.05177466 0.055936 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 8 1 2 16 2
B 11 0x0400000000004001 1678438542.865937 1678438643.277636 100.411699 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 1.1.1.1 us "APNIC Research and Development" 443 192.168.58.75 07 "Private network" 60588 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_8 -_IntelCorp,MY 443 https 8 9 3634 401 0 1300 454.25 444.2963 0 100.238 12.55146 31.00189 0.07967199 36.191 -0.05882353 0.8012391 0x0a11 1 24054 54 54 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 2250847198 8 3634 0 8 401 0 2795 64240 65429.27 64240 65536 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 8192 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.00015 0.00015 100.0157 11.12014 29.40311 11.19599 29.40316 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 8 1 15 15
A 21 0x0400000000004000 1678438543.770104 1678438644.309084 100.538980 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60594 104.18.120.34 us "Cloudflare" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_7 IntelCorp,MY_- 443 https 7 6 555 908 0 371 79.28571 113.6315 0 99.95834 14.36271 31.91214 0.06962474 5.520247 0.07692308 -0.241285 0x0a11 1 18 128 128 0 0x00 0x0c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 1070609892 6 555 0 6 908 0 371 64240 122704.7 64240 131072 1 1 2 0 0x011b 0x0000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.065768 0.062417 0.22141 0.1155597 0.05472611 0.06597301 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 7 1 6 14 2
B 21 0x0400000000004001 1678438543.835872 1678438644.308841 100.472969 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 104.18.120.34 us "Cloudflare" 443 192.168.58.75 07 "Private network" 60594 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_6 -_IntelCorp,MY 443 https 6 7 908 555 0 793 151.3333 259.2991 0 100.234 16.74549 34.08405 0.05971755 9.037256 -0.07692308 0.241285 0x0a11 1 52845 54 54 0 0x00 0x0040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 1942470182 6 908 0 6 555 0 793 64240 65318.18 64240 65536 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 8192 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.000205 0.000205 100.0126 14.29592 31.95741 14.41148 31.95745 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 7 5 13 13
A 32 0x0400000000004000 1678438545.258032 1678438645.662774 100.404742 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60604 104.18.120.34 us "Cloudflare" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_10 IntelCorp,MY_- 443 https 10 15 430 10948 0 185 43 59.99718 0 100.0151 10.04047 28.27848 0.0995969 4.282666 -0.2 -0.9244155 0x0a11 1 9 128 128 0 0x00 0x0c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 3630287932 9 430 0 9 10948 0 185 64240 128356.6 64240 131072 1 2 2 0 0x011b 0x0000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.056804 0.000396 0.117192 0.0596792 0.04418295 0.057023 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 7 1 4 12 1.714286
B 32 0x0400000000004001 1678438545.314836 1678438645.662560 100.347724 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 104.18.120.34 us "Cloudflare" 443 192.168.58.75 07 "Private network" 60604 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_15 -_IntelCorp,MY 443 https 15 10 10948 430 0 1300 729.8666 552.1032 0 100.074 6.689848 24.11171 0.1494802 109.1006 0.2 0.9244155 0x0a11 1 31044 54 54 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 1309126645 15 10948 0 15 430 0 5357 64240 65527.21 64240 65536 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 8192 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.000219 0.000214 100.0155 10.00332 28.29028 10.063 28.29031 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 7 3 11 11
A 3 0x0400000000004000 1678438540.431238 1678438647.705338 107.274100 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60582 104.18.12.101 us "Cloudflare" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_19 IntelCorp,MY_- 443 https 19 18 1528 10675 0 201 80.42105 80.89372 0 100.0215 5.646005 21.64643 0.1771164 14.24389 0.02702703 -0.7495698 0x0a11 1 1 128 128 0 0x00 0x0c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 3683916154 18 1528 0 18 10675 0 201 64240 130512.8 64240 131072 5 4 6 0 0x011b 0x0000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.059004 0.057066 0.070825 0.06399962 0.003265371 0.059128 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 7 1 2 10 1.428571
B 3 0x0400000000004001 1678438540.490242 1678438647.705098 107.214856 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 104.18.12.101 us "Cloudflare" 443 192.168.58.75 07 "Private network" 60582 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_18 -_IntelCorp,MY 443 https 18 19 10675 1528 0 1300 593.0555 461.2215 0 100.0903 5.956381 22.21859 0.1678872 99.56642 -0.02702703 0.7495698 0x0a11 1 39561 54 54 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 1916516677 18 10675 0 18 1528 0 4406 64240 65532.99 64240 65536 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 8192 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.000124 9.2e-05 100.0219 5.61395 21.65435 5.677949 21.65435 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 7 1 9 9
A 31 0x0400000000004000 1678438545.171929 1678438545.589839 0.417910 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60603 104.18.121.34 us "Cloudflare" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_15 IntelCorp,MY_- 443 https 15 69 1580 81005 0 1209 105.3333 272.6754 0 0.120224 0.02786067 0.03565436 35.89289 3780.718 -0.6428571 -0.9617364 0x0a11 1 9 128 128 0 0x00 0x0c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 3715891804 14 1580 0 14 81006 0 1209 64240 130618.7 64240 131072 0 1 1 0 0x011b 0x0000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.080662 0.000195 0.118318 0.0612336 0.04713053 0.080904 0 0x02 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 6 1 6 8 1.333333
B 31 0x0400000000004001 1678438545.252591 1678438545.647904 0.395313 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 104.18.121.34 us "Cloudflare" 443 192.168.58.75 07 "Private network" 60603 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_69 -_IntelCorp,MY 443 https 69 15 81005 1580 0 1300 1173.985 357.1899 0 0.118578 0.005729174 0.01953879 174.5452 204913.6 0.6428571 0.9617364 0x0a11 1 30463 54 54 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 3736356320 69 81006 0 69 1580 0 24700 64240 65536 64240 65536 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 8192 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.000242 0.000242 0.003786 0.001056533 0.001083837 0.06229014 0.04714299 0x02 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 6 5 7 7
A 33 0x0400000000004000 1678438545.675645 1678438545.891976 0.216331 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60605 104.18.121.34 us "Cloudflare" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_10 IntelCorp,MY_- 443 https 10 24 1821 20317 0 1300 182.1 342.2162 0 0.081293 0.0216331 0.0272793 46.22546 8417.656 -0.4117647 -0.8354865 0x0a11 1 4 128 128 0 0x00 0x2c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 2365389818 9 1821 0 9 20318 0 1450 64240 128375.1 64240 131072 0 1 1 0 0x011b 0x0000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.061121 0.000293 0.080951 0.04020167 0.03495514 0.061352 0 0x02 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 6 1 4 6 1
B 33 0x0400000000004001 1678438545.736766 1678438545.946624 0.209858 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 104.18.121.34 us "Cloudflare" 443 192.168.58.75 07 "Private network" 60605 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_24 -_IntelCorp,MY 443 https 24 10 20317 1821 0 1300 846.5417 562.1317 0 0.062715 0.008744082 0.0177017 114.363 96813.09 0.4117647 0.8354865 0x0a11 1 8119 54 54 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 768290641 24 20318 0 24 1821 0 7996 64240 65535.64 64240 65536 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 8192 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.000231 0.000231 0.003412 0.0010586 0.001067795 0.04126027 0.03497144 0x02 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 6 3 5 5
A 2 0x0400000000004000 1678438540.371353 1678438664.811777 124.440424 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60581 104.18.120.34 us "Cloudflare" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_19 IntelCorp,MY_- 443 https 19 22 5760 4335 0 1215 303.1579 383.8278 0 99.96812 6.549496 21.72406 0.1526835 46.28721 -0.07317073 0.141159 0x0a11 1 6 128 128 0 0x00 0x0c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 508492307 18 5760 0 18 4335 0 1215 64240 130521.4 64240 131072 6 2 7 0 0x011b 0x0000 1 6 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.053018 0.052095 0.980388 0.1485053 0.1976676 0.053173 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 6 1 2 4 0.6666667
B 2 0x0400000000004001 1678438540.424371 1678438664.811539 124.387168 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 104.18.120.34 us "Cloudflare" 443 192.168.58.75 07 "Private network" 60581 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_22 -_IntelCorp,MY 443 https 22 19 4335 5760 0 1300 197.0455 326.2524 0 100.0845 5.653963 20.44267 0.1768671 34.85086 0.07317073 -0.141159 0x0a11 1 865 54 54 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 718954642 22 4335 0 22 5760 0 2537 64240 65535.27 64240 65536 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 8192 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.000155 0.000155 100.0222 6.434432 21.76769 6.582937 21.76858 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 6 1 3 3
A 35 0x0400000000004000 1678438546.055998 1678438675.920053 129.864055 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60607 104.18.121.34 us "Cloudflare" 443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_26 IntelCorp,MY_- 443 https 26 32 12057 2048 0 1235 463.7308 463.8277 0 99.965 4.994771 18.84311 0.2002094 92.84324 -0.1034483 0.7096065 0x0a11 1 8 128 128 0 0x00 0x0c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 1152582751 24 12057 0 24 2048 0 1235 64240 130622.2 64240 131072 7 2 8 0 0x011b 0x0001 2 12 0x0000001e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0 0.053696 0.894047 0.1737839 0.1948059 7.9e-05 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 5 1 2 2 0.4
B 35 0x0400000000004001 1678438547.215075 1678438675.919813 128.704738 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 104.18.121.34 us "Cloudflare" 443 192.168.58.75 07 "Private network" 60607 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_32 -_IntelCorp,MY 443 https 32 26 2048 12057 0 218 64 81.9301 0 100.0767 4.022023 17.19595 0.2486311 15.91239 0.1034483 -0.7096065 0x0a11 1 44156 54 54 0 0x00 0x2040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 208830810 32 2048 0 32 12057 0 247 64240 65535.98 64240 65536 0 1 1 0 0x031b 0x0000 1 6 0x0000001e 1300 8192 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 7.9e-05 7.9e-05 100.0166 4.810813 18.89779 4.984597 18.8988 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 5 1 1 1
A 1 0x0400000000004000 1678438540.148032 1678438540.148032 0.000000 1 3 eth:ipv4:udp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 51976 192.168.44.40 07 "Private network" 53 17 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_1 IntelCorp,MY_- 53 domain 1 1 34 66 34 34 34 0 0 0 0 0 0 0 0 -0.32 0x0001 65535 0 128 128 0 0x00 0x0c00 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.205926 0.205926 0.205926 0.205926 0 0.205926 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 4 1 12 12 3
B 1 0x0400000000004001 1678438540.353958 1678438540.353958 0.000000 1 3 eth:ipv4:udp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 192.168.44.40 07 "Private network" 53 192.168.58.75 07 "Private network" 51976 17 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_1 -_IntelCorp,MY 53 domain 1 1 66 34 66 66 66 0 0 0 0 0 0 0 0 0.32 0x0001 65535 0 63 63 0 0x00 0x0040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0 65535 0 0 0 0.205926 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 4 11 11 11
A 4 0x0400000000004000 1678438540.641057 1678438540.641057 0.000000 1 3 eth:ipv4:udp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 56009 192.168.44.40 07 "Private network" 53 17 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_1 IntelCorp,MY_- 53 domain 1 1 37 69 37 37 37 0 0 0 0 0 0 0 0 -0.3018868 0x0001 65535 0 128 128 0 0x00 0x0c00 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.004197 0.004197 0.004197 0.004197 0 0.004197 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 4 1 10 10 2.5
B 4 0x0400000000004001 1678438540.645254 1678438540.645254 0.000000 1 3 eth:ipv4:udp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 192.168.44.40 07 "Private network" 53 192.168.58.75 07 "Private network" 56009 17 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_1 -_IntelCorp,MY 53 domain 1 1 69 37 69 69 69 0 0 0 0 0 0 0 0 0.3018868 0x0001 65535 0 63 63 0 0x00 0x0040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0 65535 0 0 0 0.004197 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 4 9 9 9
A 6 0x0400000000004000 1678438540.987686 1678438540.987686 0.000000 1 3 eth:ipv4:udp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 56010 192.168.44.40 07 "Private network" 53 17 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_1 IntelCorp,MY_- 53 domain 1 1 35 67 35 35 35 0 0 0 0 0 0 0 0 -0.3137255 0x0001 65535 0 128 128 0 0x00 0x0c00 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.011171 0.011171 0.011171 0.011171 0 0.011171 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 4 1 8 8 2
B 6 0x0400000000004001 1678438540.998857 1678438540.998857 0.000000 1 3 eth:ipv4:udp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 192.168.44.40 07 "Private network" 53 192.168.58.75 07 "Private network" 56010 17 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_1 -_IntelCorp,MY 53 domain 1 1 67 35 67 67 67 0 0 0 0 0 0 0 0 0.3137255 0x0001 65535 0 63 63 0 0x00 0x0040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0 65535 0 0 0 0.011171 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 4 7 7 7
A 8 0x0400000000004000 1678438542.712138 1678438542.712138 0.000000 1 3 eth:ipv4:udp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 56011 192.168.44.40 07 "Private network" 53 17 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_1 IntelCorp,MY_- 53 domain 1 1 34 86 34 34 34 0 0 0 0 0 0 0 0 -0.4333333 0x0001 65535 0 128 128 0 0x00 0x0c00 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.008156 0.008156 0.008156 0.008156 0 0.008156 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 4 1 6 6 1.5
B 8 0x0400000000004001 1678438542.720294 1678438542.720294 0.000000 1 3 eth:ipv4:udp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 192.168.44.40 07 "Private network" 53 192.168.58.75 07 "Private network" 56011 17 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_1 -_IntelCorp,MY 53 domain 1 1 86 34 86 86 86 0 0 0 0 0 0 0 0 0.4333333 0x0001 65535 0 63 63 0 0x00 0x0040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0 65535 0 0 0 0.008156 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 4 5 5 5
A 10 0x0400000000004000 1678438542.727009 1678438542.727009 0.000000 1 3 eth:ipv4:udp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 56012 20.189.79.72 us "Microsoft Corporation" 123 17 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_1 IntelCorp,MY_- 123 ntp 1 1 48 48 48 48 48 0 0 0 0 0 0 0 0 0 0x0001 65535 0 128 128 0 0x00 0x0c00 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.071708 0.071708 0.071708 0.071708 0 0.071708 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 4 1 2 2 0.5
B 10 0x0400000000004001 1678438542.798717 1678438542.798717 0.000000 1 3 eth:ipv4:udp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 20.189.79.72 us "Microsoft Corporation" 123 192.168.58.75 07 "Private network" 56012 17 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_1 -_IntelCorp,MY 123 ntp 1 1 48 48 48 48 48 0 0 0 0 0 0 0 0 0 0x0001 65535 0 111 111 0 0x00 0x0000 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0 65535 0 0 0 0.071708 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 4 1 1 1
A 14 0x0400000080004000 1678438543.087950 1678438543.087950 0.000000 1 5 eth:ipv4:udp:udpencap:esp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 50210 18.156.144.91 us "Amazon Technologies Inc" 4500 17 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_1 IntelCorp,MY_- 4500 ipsec-nat-t 1 1 1 9 1 1 1 0 0 0 0 0 0 0 0 -0.8 0x0001 65535 0 128 128 0 0x00 0x0c00 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.347449 0.347449 0.347449 0.347449 0 0.347449 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 3 1 8 2 0.6666667
B 14 0x0400000080004001 1678438543.435399 1678438543.435399 0.000000 1 5 eth:ipv4:udp:udpencap:esp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 18.156.144.91 us "Amazon Technologies Inc" 4500 192.168.58.75 07 "Private network" 50210 17 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_1 -_IntelCorp,MY 4500 ipsec-nat-t 1 1 9 1 9 9 9 0 0 0 0 0 0 0 0 0.8 0x0001 65535 0 42 42 0 0x00 0x0040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0 65535 0 0 0 0.347449 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 3 7 1 1
A 15 0x0400000000004000 1678438543.087951 1678438543.087951 0.000000 1 3 eth:ipv4:udp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 50211 18.156.144.91 us "Amazon Technologies Inc" 51820 17 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_1 IntelCorp,MY_- 51820 unknown 1 1 1 10 1 1 1 0 0 0 0 0 0 0 0 -0.8181818 0x0001 65535 0 128 128 0 0x00 0x0c00 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.347448 0.347448 0.347448 0.347448 0 0.347448 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 3 1 6 2 0.6666667
B 15 0x0400000000004001 1678438543.435399 1678438543.435399 0.000000 1 3 eth:ipv4:udp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 18.156.144.91 us "Amazon Technologies Inc" 51820 192.168.58.75 07 "Private network" 50211 17 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_1 -_IntelCorp,MY 51820 unknown 1 1 10 1 10 10 10 0 0 0 0 0 0 0 0 0.8181818 0x0001 65535 0 42 42 0 0x00 0x0040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0 65535 0 0 0 0.347448 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 3 5 1 1
A 16 0x0400000000004000 1678438543.088030 1678438543.088030 0.000000 1 3 eth:ipv4:udp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 50212 18.156.144.91 us "Amazon Technologies Inc" 3433 17 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_1 IntelCorp,MY_- 3433 alta-smp 1 1 1 9 1 1 1 0 0 0 0 0 0 0 0 -0.8 0x0001 65535 0 128 128 0 0x00 0x0c00 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.347369 0.347369 0.347369 0.347369 0 0.347369 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 3 1 4 2 0.6666667
B 16 0x0400000000004001 1678438543.435399 1678438543.435399 0.000000 1 3 eth:ipv4:udp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 18.156.144.91 us "Amazon Technologies Inc" 3433 192.168.58.75 07 "Private network" 50212 17 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_1 -_IntelCorp,MY 3433 alta-smp 1 1 9 1 9 9 9 0 0 0 0 0 0 0 0 0.8 0x0001 65535 0 42 42 0 0x00 0x0040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0 65535 0 0 0 0.347369 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 3 3 1 1
A 17 0x0400000000004000 1678438543.088059 1678438543.088059 0.000000 1 3 eth:ipv4:udp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 50213 18.156.144.91 us "Amazon Technologies Inc" 500 17 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_1 IntelCorp,MY_- 500 isakmp 1 1 1 8 1 1 1 0 0 0 0 0 0 0 0 -0.7777778 0x0001 65535 0 128 128 0 0x00 0x0c00 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.34734 0.34734 0.34734 0.34734 0 0.34734 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 3 1 2 2 0.6666667
B 17 0x0400000000004001 1678438543.435399 1678438543.435399 0.000000 1 3 eth:ipv4:udp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 18.156.144.91 us "Amazon Technologies Inc" 500 192.168.58.75 07 "Private network" 50213 17 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_1 -_IntelCorp,MY 500 isakmp 1 1 8 1 8 8 8 0 0 0 0 0 0 0 0 0.7777778 0x0001 65535 0 42 42 0 0x00 0x0040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0 65535 0 0 0 0.34734 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 3 1 1 1
A 30 0x0400000000004000 1678438545.154876 1678438545.154876 0.000000 1 3 eth:ipv4:udp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 50214 192.168.44.40 07 "Private network" 53 17 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_1 IntelCorp,MY_- 53 domain 1 1 41 73 41 41 41 0 0 0 0 0 0 0 0 -0.2807018 0x0001 65535 0 128 128 0 0x00 0x0c00 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.100622 0.100622 0.100622 0.100622 0 0.100622 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 2 1 4 4 2
B 30 0x0400000000004001 1678438545.255498 1678438545.255498 0.000000 1 3 eth:ipv4:udp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 192.168.44.40 07 "Private network" 53 192.168.58.75 07 "Private network" 50214 17 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_1 -_IntelCorp,MY 53 domain 1 1 73 41 73 73 73 0 0 0 0 0 0 0 0 0.2807018 0x0001 65535 0 63 63 0 0x00 0x0040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0 65535 0 0 0 0.100622 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 2 3 3 3
A 37 0x0400000000004000 1678438562.153533 1678438562.153533 0.000000 1 3 eth:ipv4:udp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 50215 192.168.44.40 07 "Private network" 53 17 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_1 IntelCorp,MY_- 53 domain 1 1 43 75 43 43 43 0 0 0 0 0 0 0 0 -0.2711864 0x0001 65535 0 128 128 0 0x00 0x0c00 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.067652 0.067652 0.067652 0.067652 0 0.067652 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 2 1 2 2 1
B 37 0x0400000000004001 1678438562.221185 1678438562.221185 0.000000 1 3 eth:ipv4:udp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 192.168.44.40 07 "Private network" 53 192.168.58.75 07 "Private network" 50215 17 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_1 -_IntelCorp,MY 53 domain 1 1 75 43 75 75 75 0 0 0 0 0 0 0 0 0.2711864 0x0001 65535 0 63 63 0 0x00 0x0040 0 0x00_0x00000000 0_0 0x00000000_0x00000000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x0000 0x0000 0 0 0x00000000 0 1 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0 65535 0 0 0 0.067652 0 0x00 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 2 1 1 1
A 38 0x0400000000004000 1678438563.217790 1678440659.582582 2096.364792 1 3 eth:ipv4:tcp 0c:7a:15:dd:3e:7f 48:73:97:96:38:22 0x0800 192.168.58.75 07 "Private network" 60610 149.34.250.49 es "PSINet" 8443 6 0x00 1 0c:7a:15:dd:3e:7f_48:73:97:96:38:22_1994 IntelCorp,MY_- 8443 pcsync-https 1994 2186 330689 609771 0 1300 165.842 313.6865 0 14.62185 1.051335 2.358046 0.9511704 157.744 -0.04593302 -0.2967505 0x4a11 1 1 128 128 0 0x00 0x2c40 0 0x00_0x00000000 0_0 0x00000000_0x00000000 715168985 1915 320815 6 1993 606919 72 13143 64240 523605.1 64240 524288 407 144 408 0 0x001a 0x004c 78 237 0x0000003e 1460 256 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.39586 3.8e-05 14.093 0.5614421 1.491738 0.396135 0 0x02 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 1 2 2 2
B 38 0x0400000000004001 1678438563.613650 1678440659.540542 2095.926892 1 3 eth:ipv4:tcp 48:73:97:96:38:22 0c:7a:15:dd:3e:7f 0x0800 149.34.250.49 es "PSINet" 8443 192.168.58.75 07 "Private network" 60610 6 0x00 1 48:73:97:96:38:22_0c:7a:15:dd:3e:7f_2186 -_IntelCorp,MY 8443 pcsync-https 2186 1994 609771 330689 0 1300 278.9437 466.9475 0 14.67571 0.9587952 2.281338 1.042975 290.9314 0.04593302 0.2967505 0x4a11 1 65150 45 45 0 0x00 0x2044 0 0x00_0x00000000 0_0 0x00000000_0x00000000 2675087647 2102 732757 7 2186 312805 42 17699 65535 522832 65535 522832 8 177 9 0 0x021a 0x02cc 74 225 0x0000003e 1300 16 0x0000 0x00 0 0x00 0 0 0 0.000000 0.000000 0.000275 3.7e-05 14.66692 0.5466043 1.868303 1.108046 2.390782 0x02 0x00 0 0x00000000_0x00000000_0x0000 0x00000000 0 0 1 1 1 1 1

128
wcx-抓包-用于模型复现/sufshark_t2.txt_headers.txt Normal file
View File

@@ -0,0 +1,128 @@
# Date: 1678503926.012904 sec (Sat 11 Mar 2023 11:05:26 CST)
# Tranalyzer 0.8.14 (Anteater), Tarantula.
# Core configuration: L2, IPv4, IPv6
# SensorID: 666
# PID: 32097
# Command line: /Users/fangxiaoyu/tranalyzer2-0.8.14/tranalyzer2/build/tranalyzer -r /Users/fangxiaoyu/Desktop/VPN及其流量识别研究/抓包分析/wcx-抓包-用于模型复现/sufshark_openvpn_tcp.pcap -w /Users/fangxiaoyu/Desktop/VPN及其流量识别研究/抓包分析/wcx-抓包-用于模型复现/sufshark_t2.txt
# HW info: fangxiaoyudeMacBook-Pro.local;Darwin;22.3.0;Darwin Kernel Version 22.3.0: Mon Jan 30 20:38:37 PST 2023; root:xnu-8792.81.3~2/RELEASE_ARM64_T6000;arm64
#
# Plugins loaded:
# 01: protoStats, version 0.8.14
# 02: basicFlow, version 0.8.14
# 03: macRecorder, version 0.8.14
# 04: portClassifier, version 0.8.14
# 05: basicStats, version 0.8.14
# 06: tcpFlags, version 0.8.14
# 07: tcpStates, version 0.8.14
# 08: icmpDecode, version 0.8.14
# 09: connStat, version 0.8.14
# 10: txtSink, version 0.8.14
#
# Col No. Type Name Description
1 C dir Flow direction
2 U64 flowInd Flow index
3 H64 flowStat Flow status and warnings
4 U64.U32 timeFirst Date time of first packet
5 U64.U32 timeLast Date time of last packet
6 U64.U32 duration Flow duration
7 U8 numHdrDesc Number of different headers descriptions
8 U16:R numHdrs Number of headers (depth) in hdrDesc
9 SC:R hdrDesc Headers description
10 MAC:R srcMac Mac source
11 MAC:R dstMac Mac destination
12 H16 ethType Ethernet type
13 U16:R ethVlanID VLAN IDs
14 IPX srcIP Source IP address
15 SC srcIPCC Source IP country
16 S srcIPOrg Source IP organisation
17 U16 srcPort Source port
18 IPX dstIP Destination IP address
19 SC dstIPCC Destination IP country
20 S dstIPOrg Destination IP organisation
21 U16 dstPort Destination port
22 U8 l4Proto Layer 4 protocol
23 H8 macStat macRecorder status
24 U32 macPairs Number of distinct source/destination MAC addresses pairs
25 MAC_MAC_U64:R srcMac_dstMac_numP Source/destination MAC address, number of packets of MAC address combination
26 SC_SC:R srcMacLbl_dstMacLbl Source/destination MAC label
27 U16 dstPortClassN Port based classification of the destination port number
28 SC dstPortClass Port based classification of the destination port name
29 U64 numPktsSnt Number of transmitted packets
30 U64 numPktsRcvd Number of received packets
31 U64 numBytesSnt Number of transmitted bytes
32 U64 numBytesRcvd Number of received bytes
33 U16 minPktSz Minimum layer 3 packet size
34 U16 maxPktSz Maximum layer 3 packet size
35 F avePktSize Average layer 3 packet size
36 F stdPktSize Standard deviation layer 3 packet size
37 F minIAT Minimum IAT
38 F maxIAT Maximum IAT
39 F aveIAT Average IAT
40 F stdIAT Standard deviation IAT
41 F pktps Sent packets per second
42 F bytps Sent bytes per second
43 F pktAsm Packet stream asymmetry
44 F bytAsm Byte stream asymmetry
45 H16 tcpFStat tcpFlags status
46 U16 ipMindIPID IP minimum delta IP ID
47 U16 ipMaxdIPID IP maximum delta IP ID
48 U8 ipMinTTL IP minimum TTL
49 U8 ipMaxTTL IP maximum TTL
50 U8 ipTTLChg IP TTL change count
51 H8 ipToS IP Type of Service hex
52 H16 ipFlags IP aggregated flags
53 U16 ipOptCnt IP options count
54 H8_H32 ipOptCpCl_Num IP aggregated options, copy-class and number
55 U16_U16 ip6OptCntHH_D IPv6 Hop-by-Hop destination option counts
56 H32_H32 ip6OptHH_D IPv6 aggregated Hop-by-Hop destination options
57 U32 tcpISeqN TCP initial sequence number
58 U16 tcpPSeqCnt TCP packet seq count
59 U64 tcpSeqSntBytes TCP sent seq diff bytes
60 U16 tcpSeqFaultCnt TCP sequence number fault count
61 U16 tcpPAckCnt TCP packet ACK count
62 U64 tcpFlwLssAckRcvdBytes TCP flawless ACK received bytes
63 U16 tcpAckFaultCnt TCP ACK number fault count
64 U32 tcpBFlgtMx TCP Bytes in Flight MAX
65 U32 tcpInitWinSz TCP initial effective window size
66 F tcpAveWinSz TCP average effective window size
67 U32 tcpMinWinSz TCP minimum effective window size
68 U32 tcpMaxWinSz TCP maximum effective window size
69 U16 tcpWinSzDwnCnt TCP effective window size change down count
70 U16 tcpWinSzUpCnt TCP effective window size change up count
71 U16 tcpWinSzChgDirCnt TCP effective window size direction change count
72 F tcpWinSzThRt TCP packet count ratio below window size WINMIN threshold
73 H16 tcpFlags TCP aggregated protocol flags (FINACK, SYNACK, RSTACK, CWR, ECE, URG, ACK, PSH, RST, SYN, FIN)
74 H16 tcpAnomaly TCP aggregated header anomaly flags
75 U16 tcpOptPktCnt TCP options packet count
76 U16 tcpOptCnt TCP options count
77 H32 tcpOptions TCP aggregated options
78 U16 tcpMSS TCP maximum segment size
79 U16 tcpWS TCP window scale
80 H16 tcpMPTBF TCP MPTCP type bitfield
81 H8 tcpMPF TCP MPTCP flags
82 U8 tcpMPAID TCP MPTCP address ID
83 H8 tcpMPDSSF TCP MPTCP DSS flags
84 U32 tcpTmS TCP time stamp
85 U32 tcpTmER TCP time echo reply
86 F tcpEcI TCP estimated counter increment
87 D tcpUtm TCP estimated up time
88 U64.U32 tcpBtm TCP estimated boot time
89 F tcpSSASAATrip TCP trip time (A: SYN, SYN-ACK, B: SYN-ACK, ACK)
90 F tcpRTTAckTripMin TCP ACK trip min
91 F tcpRTTAckTripMax TCP ACK trip max
92 F tcpRTTAckTripAve TCP ACK trip average
93 F tcpRTTAckTripJitAve TCP ACK trip jitter average
94 F tcpRTTSseqAA TCP round trip time (A: SYN, SYN-ACK, ACK, B: ACK-ACK)
95 F tcpRTTAckJitAve TCP ACK round trip average jitter
96 H8 tcpStatesAFlags TCP state machine anomalies
97 H8 icmpStat ICMP Status
98 U8 icmpTCcnt ICMP type code count
99 H32_H32_H16 icmpBFTypH_TypL_Code ICMP Aggregated type H (>128), L (<32) & code bit field
100 H32 icmpTmGtw ICMP time/gateway
101 F icmpEchoSuccRatio ICMP Echo reply/request success ratio
102 U64 icmpPFindex ICMP parent flowIndex
103 U32 connSip Number of unique source IPs
104 U32 connDip Number of unique destination IPs
105 U32 connSipDip Number of connections between source and destination IP
106 U32 connSipDprt Number of connections between source IP and destination port
107 F connF The f number: connSipDprt / connSip [EXPERIMENTAL]

1
wcx-抓包-用于模型复现/sufshark_t2.txt_icmpStats.txt Normal file
View File

@@ -0,0 +1 @@
Total number of ICMP packets: 0 [0.00%]

30
wcx-抓包-用于模型复现/sufshark_t2.txt_protocols.txt Normal file
View File

@@ -0,0 +1,30 @@
# Total packets: 4790 (4.79 K)
# Total bytes: 1429275 (1.43 M)
# L2/3 Protocol Packets Bytes Description
0x0800 4790 [100.00%] 1429275 [100.00%] Internet Protocol version 4 (IPv4)
# Total IPv4 packets: 4790 (4.79 K) [100.00%]
# Total IPv6 packets: 0 [0.00%]
# L4 Protocol Packets Bytes Description
6 4768 [ 99.54%] 1427519 [ 99.88%] Transmission Control Protocol (TCP)
17 22 [ 0.46%] 1756 [ 0.12%] User Datagram Protocol (UDP)
# Total TCP packets: 4768 (4.77 K) [99.54%]
# Total TCP bytes: 1427519 (1.43 M) [99.88%]
# TCP Port Packets Bytes Description
80 7 [ 0.15%] 421 [ 0.03%] World Wide Web HTTP
443 574 [ 12.04%] 253311 [ 17.74%] HTTP protocol over TLS/SSL
8443 4187 [ 87.81%] 1173787 [ 82.23%] PCsync HTTPS
# Total UDP packets: 22 [0.46%]
# Total UDP bytes: 1756 (1.76 K) [0.12%]
# UDP Port Packets Bytes Description
53 12 [ 54.55%] 1164 [ 66.29%] Domain Name Server (DNS)
123 2 [ 9.09%] 180 [ 10.25%] Network Time Protocol
500 2 [ 9.09%] 103 [ 5.87%] isakmp
3433 2 [ 9.09%] 103 [ 5.87%] Altaworks Service Management Platform
4500 2 [ 9.09%] 103 [ 5.87%] IPsec NAT-Traversal
51820 2 [ 9.09%] 103 [ 5.87%]

BIN
wcx-抓包-用于模型复现/surkshark_openvpn_udp.pcap Normal file
View File

Binary file not shown.

BIN
wcx-抓包-用于模型复现/torguard_openvpn_udp.pcap Normal file
View File

Binary file not shown.