From 59ee1fe1156be234fed796972a29a31a0589e25a Mon Sep 17 00:00:00 2001
From: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>
Date: Tue, 12 Nov 2024 20:11:07 +0100
Subject: [PATCH] Add support for some Chinese shopping platforms (Temu, Shein
and Taobao) (#2615)
Extend content match list
---
doc/protocols.rst | 27 +++++++++++++
src/include/ndpi_protocol_ids.h | 3 ++
src/lib/ndpi_content_match.c.inc | 17 +++++++++
tests/cfgs/default/pcap/sites2.pcapng | Bin 0 -> 21380 bytes
...om_rules_same-ip_multiple_ports.pcapng.out | 4 +-
tests/cfgs/default/result/sites2.pcapng.out | 36 ++++++++++++++++++
tests/cfgs/default/result/synscan.pcap.out | 4 +-
tests/cfgs/default/result/weibo.pcap.out | 13 ++++---
8 files changed, 94 insertions(+), 10 deletions(-)
create mode 100644 tests/cfgs/default/pcap/sites2.pcapng
create mode 100644 tests/cfgs/default/result/sites2.pcapng.out
diff --git a/doc/protocols.rst b/doc/protocols.rst
index 1b1e5dd0523..0f2062e3c5f 100644
--- a/doc/protocols.rst
+++ b/doc/protocols.rst
@@ -1010,3 +1010,30 @@ References: `Main site: `_
Naver is South Korea's largest search engine and online platform that offers various services including web search, email, news, shopping, cloud storage, maps, and social media features.
References: `Main site: `_
+
+
+.. _Proto 434:
+
+`NDPI_PROTOCOL_SHEIN`
+=====================
+Shein is a fast fashion retailer.
+
+References: `Main site `_
+
+
+.. _Proto 435:
+
+`NDPI_PROTOCOL_TEMU`
+====================
+Temu is an online marketplace operated by the Chinese e-commerce company PDD Holdings.
+
+References: `Main site `_
+
+
+.. _Proto 436:
+
+`NDPI_PROTOCOL_TAOBAO`
+======================
+Taobao is a Chinese online shopping platform.
+
+References: `Main site `_
diff --git a/src/include/ndpi_protocol_ids.h b/src/include/ndpi_protocol_ids.h
index 8c32bbdc673..1751de853e0 100644
--- a/src/include/ndpi_protocol_ids.h
+++ b/src/include/ndpi_protocol_ids.h
@@ -462,6 +462,9 @@ typedef enum {
NDPI_PROTOCOL_DINGTALK = 431,
NDPI_PROTOCOL_PALTALK = 432,
NDPI_PROTOCOL_NAVER = 433,
+ NDPI_PROTOCOL_SHEIN = 434,
+ NDPI_PROTOCOL_TEMU = 435,
+ NDPI_PROTOCOL_TAOBAO = 436,
#ifdef CUSTOM_NDPI_PROTOCOLS
#include "../../../nDPI-custom/custom_ndpi_protocol_ids.h"
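Review bot: Inserting 434–436 here renumbers the protocols that receive their ID after the built-in range (presumably because custom IDs are allocated after the last built-in value), and nothing in the header says so. The updated expectations later in this patch show it: iSCSI (matched by custom rule) moves from 434 to 437 in synscan.pcap.out and CustomProtocolA from 440 to 443, so 434 now means Shein. Any consumer that stores or filters on the numeric ID of a custom protocol (saved flow records, policy rules) would silently match a different protocol after upgrading. A comment above the new entries would make this explicit, e.g. `/* Adding IDs here shifts the numeric IDs of custom-rule protocols; match on names, not numbers */`. The enum starts and ends outside this hunk.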
diff --git a/src/lib/ndpi_content_match.c.inc b/src/lib/ndpi_content_match.c.inc
index 1b14a446822..d0a03907a04 100644
--- a/src/lib/ndpi_content_match.c.inc
+++ b/src/lib/ndpi_content_match.c.inc
@@ -877,6 +877,7 @@ static ndpi_protocol_match host_match[] =
{ "location.live.net", "Microsoft", NDPI_PROTOCOL_MICROSOFT, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_DEFAULT_LEVEL },
{ "virtualearth.net", "Microsoft", NDPI_PROTOCOL_MICROSOFT, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_DEFAULT_LEVEL },
{ "trafficmanager.net", "Microsoft", NDPI_PROTOCOL_MICROSOFT, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "microsoftapp.net", "Microsoft", NDPI_PROTOCOL_MICROSOFT, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_DEFAULT_LEVEL },
{ "testconnectivity.microsoft.com", "Microsoft", NDPI_PROTOCOL_MICROSOFT, NDPI_PROTOCOL_CATEGORY_CONNECTIVITY_CHECK, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_DEFAULT_LEVEL },
{ "teredo.ipv6.microsoft.com", "Microsoft", NDPI_PROTOCOL_MICROSOFT, NDPI_PROTOCOL_CATEGORY_CONNECTIVITY_CHECK, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_DEFAULT_LEVEL },
{ "teredo.ipv6.microsoft.com.nsatc.net", "Microsoft", NDPI_PROTOCOL_MICROSOFT, NDPI_PROTOCOL_CATEGORY_CONNECTIVITY_CHECK, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_DEFAULT_LEVEL },
@@ -1187,7 +1188,12 @@ static ndpi_protocol_match host_match[] =
{ "alicdn.com", "Alibaba", NDPI_PROTOCOL_ALIBABA, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
{ "aliyuncs.com", "Alibaba", NDPI_PROTOCOL_ALIBABA, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
{ "mmstat.com", "Alibaba", NDPI_PROTOCOL_ALIBABA, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "alibabausercontent.com", "Alibaba", NDPI_PROTOCOL_ALIBABA, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "alibabachengdun.com", "Alibaba", NDPI_PROTOCOL_ALIBABA, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "alipayobjects.com", "Alibaba", NDPI_PROTOCOL_ALIBABA, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "alipay.com", "Alibaba", NDPI_PROTOCOL_ALIBABA, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
{ "aliexpress.com", "Alibaba", NDPI_PROTOCOL_ALIBABA, NDPI_PROTOCOL_CATEGORY_SHOPPING, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "aliexpress-media.com", "Alibaba", NDPI_PROTOCOL_ALIBABA, NDPI_PROTOCOL_CATEGORY_SHOPPING, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
{ "mask.icloud.com", "iCloudPrivateRelay", NDPI_PROTOCOL_ICLOUD_PRIVATE_RELAY, NDPI_PROTOCOL_CATEGORY_VPN, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
{ "mask-h2.icloud.com", "iCloudPrivateRelay", NDPI_PROTOCOL_ICLOUD_PRIVATE_RELAY, NDPI_PROTOCOL_CATEGORY_VPN, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
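Review bot: `alipay.com` and `alipayobjects.com` are filed under `NDPI_PROTOCOL_ALIBABA` with `NDPI_PROTOCOL_CATEGORY_WEB`, so traffic to the Alipay payment service cannot be told apart from generic Alibaba web and CDN traffic in any report or policy keyed on protocol or category. If the grouping is deliberate, record it with a comment such as `/* Alipay (payments): grouped with Alibaba, no dedicated protocol id */`. `alibabachengdun.com` would also benefit from a one-line comment saying what the service is, as was done for the `tanx.com` entry in this patch. The host_match[] array starts and ends outside this hunk.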
@@ -1528,6 +1534,8 @@ static ndpi_protocol_match host_match[] =
{ "mixpanel.com", "ADS_Analytic_Track", NDPI_PROTOCOL_ADS_ANALYTICS_TRACK, CUSTOM_CATEGORY_ADVERTISEMENT, NDPI_PROTOCOL_TRACKER_ADS, NDPI_PROTOCOL_DEFAULT_LEVEL },
/* Twitter ADS */
{ "ads-twitter.com", "ADS_Analytic_Track", NDPI_PROTOCOL_ADS_ANALYTICS_TRACK, CUSTOM_CATEGORY_ADVERTISEMENT, NDPI_PROTOCOL_TRACKER_ADS, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ /* TANX (Taobao Ad Network and Exchange) is an advertising and marketing platform based in China */
+ { "tanx.com", "ADS_Analytic_Track", NDPI_PROTOCOL_ADS_ANALYTICS_TRACK, CUSTOM_CATEGORY_ADVERTISEMENT, NDPI_PROTOCOL_TRACKER_ADS, NDPI_PROTOCOL_DEFAULT_LEVEL },
{ "xvideos.", "AdultContent", NDPI_PROTOCOL_ADULT_CONTENT, NDPI_PROTOCOL_CATEGORY_ADULT_CONTENT, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
{ "xvideos-games.com", "AdultContent", NDPI_PROTOCOL_ADULT_CONTENT, NDPI_PROTOCOL_CATEGORY_ADULT_CONTENT, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
@@ -1696,6 +1704,15 @@ static ndpi_protocol_match host_match[] =
{ "navercorp.com", "Naver", NDPI_PROTOCOL_NAVER, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_DEFAULT_LEVEL },
{ "ncloud.com", "Naver", NDPI_PROTOCOL_NAVER, NDPI_PROTOCOL_CATEGORY_WEB, NDPI_PROTOCOL_SAFE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "shein.com", "Shein", NDPI_PROTOCOL_SHEIN, NDPI_PROTOCOL_CATEGORY_SHOPPING, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "ltwebstatic.com", "Shein", NDPI_PROTOCOL_SHEIN, NDPI_PROTOCOL_CATEGORY_SHOPPING, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+
+ { "temu.com", "Temu", NDPI_PROTOCOL_TEMU, NDPI_PROTOCOL_CATEGORY_SHOPPING, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "kwcdn.com", "Temu", NDPI_PROTOCOL_TEMU, NDPI_PROTOCOL_CATEGORY_SHOPPING, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+
+ { "taobao.com", "Taobao", NDPI_PROTOCOL_TAOBAO, NDPI_PROTOCOL_CATEGORY_SHOPPING, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+ { "tmall.com", "Taobao", NDPI_PROTOCOL_TAOBAO, NDPI_PROTOCOL_CATEGORY_SHOPPING, NDPI_PROTOCOL_ACCEPTABLE, NDPI_PROTOCOL_DEFAULT_LEVEL },
+
#ifdef CUSTOM_NDPI_PROTOCOLS
#include "../../../nDPI-custom/custom_ndpi_content_match_host_match.c.inc"
#endif
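Review bot: `ltwebstatic.com`, `kwcdn.com` and `tmall.com` are added without a comment or a test flow that ties them to Shein, Temu and Taobao; the new sites2.pcapng.out only exercises the SNIs gtm.temu.com, umdc.taobao.com and img.shein.com. Opaque CDN-style names are the entries most likely to be misattributed or to change owner, and a wrong entry here mislabels traffic in every policy built on these protocol IDs. Suggest a short comment per entry, e.g. `/* Shein static-asset CDN */` above `ltwebstatic.com`, with the attribution confirmed by whoever captured the traffic, plus one flow for each of these domains in the test capture. The host_match[] array starts outside this hunk.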
diff --git a/tests/cfgs/default/pcap/sites2.pcapng b/tests/cfgs/default/pcap/sites2.pcapng
new file mode 100644
index 0000000000000000000000000000000000000000..936c140437ec3eafdd20cc06c5447469e2b583f3
GIT binary patch
literal 21380
zcmeIaby!tf_%6B@-BQxsAhGC>Zs|rsI;Fd$8<8%N?(Pl=MFa`ymQX=ZQ6!{2bK-Vy
zb;s}CbD!t_bIy34v6y47Ip2507h`;54bU(#(YhcIh_dhv5-9NZ+aC!YLI6>+b@cG2
z;$s(Jhq3VpuvuF=TDsbrLm&tc5{R;;tF@)MsWTOmuC1%3n~kZf9WxaVI}bYy0)avd
zAhNdhmQ?1hmZt8O7F1?FR1U!NwvN_9RA}HgoI+IYrcP$2PR5+<&H##|_4oT+LR4-x
zmbQ+++~fuxwsi3L^Bz!32n4J%SYNe2{(`lFgIt4n*?aTzSeSAPSX%IMb8|sZfu~S`
zXE1(m5C3270lvP%K?45Tg9RW}iy#vrrpdc20M}r4UljPL$z_Ju;@fMB0+E40gxv_m
zA>v4P1bWLbq~Hi2-EC!sb}p`%B!X|}!F~I74S<3}Kx{&QLqUTjl#7D*q44lPWk8PK
zxioz&{^a`3@}2QJ7X%^>;X_(f1$jU|XlE;{kW$0}z?YPVdl}{Hdc|b}a*f!bLP0)&
z3;8cD3y>a2V7rJDg4`v6YcT(L;IEpqkG8jXe-1fm0;5a7`wa~)m~0W-ByZZGt%Vg>0{!B5u_#pUcPpW
zeI%=UZANVxJ`f5#C>|UheD953){*jFj$YVESub8MJ|qj04dHWBXA+u5D2EN
zgEjkii8Oa|fDi)u0elUCpg~Z87Lx-vh#=??IN%N~@Cr5r3xWY>!-Znw?(WRN$<7Hu
zgdl=K3IIXyA-D+eC}7o8BBQu9&3A|QdXe4D1oV+Roe
z0rT%1h|4d=Kn|4kf8$uw{gdN5$Uy*%o-fc6Pk8vIoRV%KZOuvxsOK7
zp9&Mwri!w;;{)_iC?W94&Wrad^}Pw*)J5NxyI+vD5~jiW3bUFHchA%To|K6wU%MPD;PB&_Eg4?Ou{&7=+&_B##Aw?UZZ`?gXgR7e#1D?x#4e7lKAk2
zu3qmx1JNMuokp*43c;B{(|9wHSFDCZ3Dvgn_&l
zWZwEn{&)m+Pk?DJ-qoqEadJH4dgY`)*;o2c(vCu}y7}6xj*^!GL?5MmYxhbU;(xv3
zKE;GBH0SL28LcWWe`;6~5B@1d5*4O%Y`zSXg+_@%t#4g`oc;cw3C3_l=_1YyVYtvE
z4Sn?^E5uES%rkv_Pm+-{Sa9P*-C_FXL&yzTt^`KUh8YPRJ5$(f$TPQk248Fqc!aj@
zTQmYMx(ULjD3*e`>2J`gk>1=3Z0fE`_;%G)1qD
z=QHn;rClV?c!}K9^HC$jphw`QbxlWqV)WYLl|Fi()&Nol4&K6Tuhdn#Tofi!Yz0y77gl2tkqD-BJe_|g8oP;WA=i-<=O?!w6e{LhSgxQ*qxO3EpdECMH+~O
z%2Y^r^t+GQyy1BrnTV5GUj!o2(|x;fTd2ZE_t`sk^F7WZ+KTD4Esl1n*BEv~mg0nd
zhv_rx3HiL3vGt=Pr41R}tPZ364m{H7d6SN*!Ihqf`poxA=QcMQ8hfI!oI{vX!|jH~
z30PFGCklBS!{K@qa~_8hJ;B|6q7ser$tz`PiUYBF^saGlWX^-@MseKqC~c7Dfv|>P
z=~3whJ<`{T`6I8>sU&c^hr?|j#c_mnZLGX{;ng(OUM=m+pHR3Hc+rvZ9;c}om64bL
z+q=YCffmln%`&;v=-~o;PK-7alKnxYYr^!U?p;!)sy#VZrq8149;EH6UlBg`oo;()
z(KhI(w@MaqsCLYJRqI;m;!x{elE)awy62K)x&z5;%g-{w&Ar}(Q?wiU{BgI)NPEVe
z9$JHEx_2PL&E<7fN?4DlWQ@slUIvd9oJo8Xb775mPKrmHp#Md3H}d{NWV3?X&+mBO)t1iDcpo7K3DN+{@_j9#<9y$bP&1JOAUmqY$cuz(6BYz;i5!M=^Bf6|1obN^bI?k}}{3Wgw9`m0Ro>lPOY_L&Alin-K0~*r&WgcJ9|VO2pJ!Z
zH0(bVJSplbnLFWqGBQ=9qmRouC72c%*&kBZ(6_Gt{>!yc9iE}(quf{HrWBvzofIni
z>^8Iu1s78#EmjbGdP~BsL`9Rzit;jVG2NwCXzh!W$mrUAL(iojlP5lO!nnHUuBsy=
z9Ooy0<{b2S>!Q$QDpSF>HJlad&NGR(+&gvbzHxK0>F#_hPOzAQD`Gw#)st6M$xj0t)%g;7c67ht8Mm{46E~J^4o?zecM(DJ
zqmOABVL1j7U9Xcg`$p;Vnx|SxO%C$4&x*HaOBvs|Z}cwFM+qO#Efn*0Y?^7I+hCsZ
zY>x}4$v^F;dE%uOIvwje^vE`JENRjG)Tkz@OoPVe?P#dTE^@wsJ|q62bj~LXI7L0o
zJ4vSbzP;S){Y=}7xFWapuJh$`rxhk|V>J4SQwIf*Yq+o^$R?^-?-0Kv5^~CMK`(O3
zCHyKQjxlSuc-N#i(292X>&qv-wwTT9r#nm6MKwd
zB{?pIaCM&7I0)U2nK;^2O|&VBg7Fg=q0PY~%YP1jWatHXKsUgpsd2~m<^uW2TFt%W
zWrjk+00R6Vnj9X_o-l{aLoK@7R_8@tUaNV=OnJ&OpXMDTlU?*T8@6WZ(p|U|C=5(E
zuK6{ZRypjV@ezji2AWPZPbL;Guwh-gi(@K{geIj@%LzoHzxf1Fdw8PNt0eeU>y$7`
z_Mj)&Vg8fLK05ge=dbmfPwXljGB6tsMm_3=O*7Cb8(m5sw9MjjdKl}CKi@ZZw)|Yi
zL#2%Hu0vMRDK$;|T1EcKiv5O;i@Y-Xp+;6!Uq%=sKWfQTHO(jW>|`%=TxEy4siipv
z$;rV&;WHVMHpZtng6r_L+HnO)3DJc{34$5K@qb|fp?XzNlrnCZB(|W_o5N(jZ+hv(xeWetvlUn?yU@GKa4oWk0?!g
zma!pTlh3smVk+3S@!zDQZqp_UKcZYlo2RjL*sn`J_Do3iYTTW=HCIZLtbP~6L3Fgi
zf%F+X(-+SS5wuxRmz7zw)o2?1K{XV1l0qF%Xt)xbA^Ka|sL7rRYLb?QanWc#?$l5x
z#Xa*owq)Y1$j0=l0dzy0?-!_kCxv@eU3bl=09j5ZH>OHk=VIqw{lZ|EUY`u<$ac^JP
zYbLL$I+2Js=lZC9G(_qAVV9`$9Ib1kzM&1I{bqG!q?MlP%@ZBAJlcf2FAfwDVC;#$
z0b;ojAN`h%n4Dqs=cM$7Vj``6E;9#m=JZ9O^thKBV*-Y);r4-Dp^pZtHmg~KBnHST
zTLO*TV+{T89(!U-B~fxnpC??0E6u`M8$)9EI}^H{&5p*u;qQSTC<952OOd`gL`u?t
z`yzaT%!D@XWxa~5IMVb$5cJ*|t=FWhxjO~ce5D%+<h3?{6Nt5gygNE$ubbBWp
ztJ(LN5WU_EK?{T2LlXz0=RxiYfUA`QFjQWjf#RljV24*t|-pLQQV%2Vh+q_^D
z>vo+G@3fe@MxjQwGQ@NKg?Y^Asm}D^#ajfnPZ)S+eg=vXa(l*?89qMxyyZ@k*zF(R
z5OEvXi9c27mpTpA-dkxr%1R~j);wI~8jg>4oBjB5Iji+RWj=yKAyM_#sfIfKvpKXL
zn9%8#Mh?M)S{STkfo1G#Oc0b=fr?lsf&Yh)Ea1ERF!JYJ)G
zS02SYGOucDimvo&a#h{H;;>(1FEZhc*wx5-PgaWrcAI<2P`%Lw)%CS6=p&~%
zBKJJsB^n0PFx>x^f1)cb9@F9QB#&mo>ESH9t3`y@x3cXWTts%2)wFt$L#AQqT_9XC
zw(N^mKJ;*T$?0{kv3Ai!qJ&4wgURs_a^#R53G
z(_H?IqX{%BKmzSbbAXjk5^xRXzx7p^8#%~fxbu%3M38QWFMo2Rf_?SZf?wtV^W0;{
z5IIskwCGX|GQqIO24stwnEd&o;R%H4?Rs*VQ@7Ugjd3BCR|{)ao^LC
zD!f&Ua&C>gof5z%4}pMn{e67ZJfeL5BMvih6^DuV)fT2=0k&`pjKic@eXlc6UtJ(Z
z0>s~b#9@BKV^zeFiLPy;-2V4?tREuSFRvQGe!;&6LG4h1c2cg6ivX3qipPpC{uPg9
zd7{P--v2co`$LvMF1qne{eN!{1R@S$L2~K?c|bmBXNQU|{81FZCmMw7?@jpfI~Np+
z0Qa5aM|*CAv_JwmkZuwf@B!Cg{@XY+`5|4k=h<)V5e0an)qptcj5CM>;(=pf2tiNI2^?zmSzt!Z2Z2fExZ{1OM`e6@$pHD-WvH*L?f;9E)H=7$xxjG>Q*hA5&
z1(5NFJ^T@~0qx-yx~bE@$M3TMd&q(`hVyT@@qowsDQ1r%GP}G|bI6hZvE}QRDvaum
zcP~|&-E%46YiJ8Zw$#!7M|=1WG5eYJLDnXDtevEAk3Ei;7!Ikmr@ko*)+Bzk+NMp&Tv`@o9%QipcG%Kt;4s|6I-iUNqPnhzJ>~uwea9UJ9U!GNqfgB
zZ=i=vXKJn89;qKfVkz@5zPt0tdCVYT0&&ow&TMO^qm*q{m#f^O$rQblKed-RufJ8VaAG0ssaciV|(h@c0foPj8*+8ef|moEM%GqGL-;^9$IrB<#mRSK^&d6DGV
zQg?Q0N8|3p5bR3fl|BD2m$I@YbtHOn@pn|-y<=<@lgc5Vo7;X$#os~vN@>6w91zc
z8$)}@1`)NQuDmuDnYHGg5s6>GBOBg_6jSUYx8=5PNW{m{)WzQIQ&WR^`Yjo@Lj4TM
z>u;#b5QT4DcR_vZN8$hMH5G=V`8Q!s5iX~!J%_Kfn(&gJBSqyK@W}3c$l`c!e&W=A
z^L!ssZTfWTEz4&c#jOYQ;fkdb#Zel)R6!&WOgCb=@WU3^2{>abKAG(|_Zfb|NlHCS
z^JCC4o=)|4+b1M5cuhs5{!BE>0w!{;QhhuPjp+DRt0w}~HTYn9_+zuWFZ2Or+gpXH
zjewSDO*?X|{zAOw-Y{eAg}sT_$p*=(+b>Tgs8R@aZhb;y$d*-F+q)5Mo5a&yY3}HI
z5Y=6yFLw*xswArM4T@?u#9irhLF?PZbG)O8;C}Dn@HF%|5rtO-n)@6lK}Z{-Ifdj#rrLovknft*(cXDlNvqlQ(-4^JSqq@$5|7
zlBNSZDLFYjJ0tQ3A8*<|2zkDl#IS4McDtbDUU1Ra8RrCsCmB(@EZwK}(AMguuf{`)
zoY)4-BLqdCh7#$VJ?<3PpBIJ4T|%OhsF`VhPD+4(=0OfKyn83kg5=4=
z$CR~~@8SF*BBWwVdT%zj70s%Byiun&?syUOWC{nQO}usL4PoNlWspP9c4jRrJ~+p7
zFz>Nmw0G2O^-@MIC=MD?q9gZ`3OBulG^3t$UM&z~eEy#F18%h0`aR|OzhX8&`+@@B
z|MUgG`~~m@*uVOMbCD|_Lj)1^$^~}$`>9P63`aIuqs^tbWuK|<%r8<&4k#M6nJ7Lo
zqI%81^7Of6-l^s!vtw72{ZZj7g6uq@Pr~RgsrAv2u#>Ef>rixa4$Wpz?u}1rP^IOlaKl6sKLv3Ip?YThu{{eI*S-}2jcP`2Wt;Zk}mm1cD@?^9uqWxga0
zpz5D<7#7{LOGGj7s$#ILbNXngj1^?5A;TRQw;}Ui5qWTpw{QcKg-rCan6R!jDPKZ$G7-!}=0u4!);(5pw&EUT(p=pii^2XpZoT)O
z8Va8Xv;9)}8Ioxh?&lfYP%EV%N8M%_JL`#I%h=?rb!{ro>G|N(&Z#Y?T=gu)NNE1C
ziUYY%aa-Gfg&B=RBr?SpI9Bpb6-vGI)fPVn6$`(mz@1QeJWM@-R=0z`!jc+Q-#1Pf
zbW@J#KJjKe&c3CPW4iPQ)Q8Nrv>0ih`OtPhe!3-HyJ0u2=|?e0q;vDw5hty)to?zc
z6lm>YSY=DCJb#M-WzXoxc^wF$c%AGc05JSwskLhbBYx)1u`QwR3D^c
zG*u13d{${U)g+75OriC{c;q63(55}bZR0KVwwd8+tstf~^0~hvVV>3}glrmVWTB^*
z3oW#|rf)IUG`K1G!ffl)EF((-^lRV0A`1A7e-t^Jja@)}R%>s}5|hIG`qhKruWO&$
z&$04dD|FH$0!j4g3AGE2Zwyt{z2DL?c<(kBVxbb&E`%h+!5dYAO|oeyl>betY3wn=
z!3peXjfBWTC~BUsnuM6sa`MT!scl1XqP62BbO?j7Vcu
zhKK?oBPHxDMD*+QH?b1YO;w{5K0HBwbE4`OSyRD(mcL-8{sv1Vr1+yB_x)jdJw4gZ
z>&GYiA8VvB1~*CU9x({7n_kR)j^heF%#p~{Ea5#C7}~^lYB);RL7$;-PIA{@1%
zgFWgTeD<}!bc{TU3GwdNPGgNEmyJzp%9(NrwM6O4e#7hUNV%h4PIZR*vKYTc7~cjlzdrTb6o
z;z!Y5vC56$D76~Vnx*m1Fe>7Bwarr=c8lv=R)0;f(j$5si>~Rmw7Mi&r|Ij}9YUyb
zjn5uK@!asfT0VAv8qQ!tlqLlf|CZYO9_ivJL?=t)O4_4Te{?0M&8T|SkanC8t|aWK
z5@-W`v8TGn%Tz?grr6Q#P0RJz*TYwOcZ{Q5Ub%N`Duo_S>!~PIYJ|&~&}YY^PQ(u>
z=3H<^pB={TRao>nWS6lbziLGrA;+KO&EQvXOvL6$MNpK?8_}n5+EGk4NV{vA(@OhR
z&O|aS$q|)U*G0xMNPL@~03vZyMNWNO;yk7l4Gk-5@|J6euiK+C=TC5PfBAxxpW-CJ
zWu{K9KpD)xuQ%WswyPGFVu0jF{d3RP
zXE8<7PdG;1hT>Bcor|`*UA&bTB~*3%kJs&$3ak4i;Ap=Y?vW#;c!
zSo@Vn6WiUpBNL96Zc!C}bBnBn+wMrJ>a~BRZRq2NGv(00vvs+)^VGY0Bz%USJ2I-y
zS1q{j`an(R3s5fZ_z7dQ8&jZ<5PbE`k4lkDB2dOaNjBK9GSy5IvP;U3DjZ>RnB1JS
zo62alh^Kr^<(t?fMA{?p68<@Eajv|UOIzOdqYrN-vvvL3=77}$lsJ#5Dqt_GR-f>W
zTzx6E@x|V>Ja*!x=D~fr9DMS+ZduaByAxefYfU%R?I>*tkix_m_05*Zuz4Sh4r3k4
z6nc(~$F=1Nrd)Om#JhZYFM;#5t$dX}#WL^Osw>N#`7@xnWgWui*uC>tiRbsN;plt_jb_6HKV=91{GUnGTs}7HZZ+<@YLQ
zrd91M{lsFVqc|VS9tGXc!8l*EyykIK!Hpx~uOV?z)9Aw?!e{C_@MSI7G5}L2L7+N8
z)_DADj!H@6OT!)_y*AO?eDRzGnV_X*!%
zAL>8%$(~YDaQ$X@)AuS&KH7H4;QnUa{G#?u*YO$rl&msy;Irks*S%|kqALUBbhy)8
zkPj?sJkFBRb_|uz&@U29$?Xxwn77|PQV81&6RAGaRtteZKv@LiD?hJ+XO^=5Tm%0e
zyMr+K0Wt~1IG_9)Uzw27g+CVo*1+|n4L`4ef5wgW$@wo_v@6{Hzu^M%4&b&99{(FI
zbzS>^;i6yR_Wd0ffepaz9%%U)7f`6H1g_bI#{66(fD)Mh)(_r(7+1K?|A-63z(W-w
zkiQnqGMibi3xetgV$P?T-sjo`#+|+;f0lwD4C$0$R)SUX!q_Hg;W
zpTcF<&c&0VH*4nZT;YzEqYscP1
zl?7??{;xI!feo-B$!frSaxMk}0ric`@n*p}f3yFT+NHSV`^dM!d__gGUtj60XoV})
z-w&W<)u4()y}gt&%e1C}k<97k@*=+CK`n_Z=C`|_2I-DpjH$7ew8Y-{l6hOk6n-F}
zBS!3_56Y{rg|uuD`_uZ~6k?Xuy36wuc^r51CYz?3vGW@*GOZt)Jp4NMz_!g^n-BGl
zQ&O|@g8k7dy!KhO3BFmN6+5d+{igGC+fjs(GtM#6>HMIa*|%fyy>A7KAfbx47w!$-
z)<11NMZACM@oKAgC!Nr@a@h8yXnIzYXd_$&m%%$4BDnHtFc~j
zNRKXmQHofq!lOfd?*I!Dcbpugza&jZGdbz;#gMEyN-z?mhe%{HqSCqMOSH%V(`_@E
zW+TVuxM|-;`OyvGHV@?56l8;bH%!|&rUMXdf`;{nJcFdi|#jt8Q}kMU@p{9`O?ZnB-3We9zT)SNm})@Dcy_P<@2ZEuHi2n8`bZyqJ_D
zJ-#~+;7$kSv@>Y%75!2t;Ewf$9B?i^BDxrsUYG3L?srA1QNT@>T)!>xfa{L4#)h88
z#Y%o`0Qrm0Ri_FA)$Z}L@0pE~f?tj~FA`Ofj;YF#w|6T0sH#nL#TQdqWfW^t2kPD9
zb%hU4EjJl#E8nS1LVGmKx)yjTZjv#>#GcaoK}F(F+z@-j!(5IhG{u;vTo_Mq@LS!N
zvQTVsmsqTa@YbF=ZFr$a&!|ezjXs@@dE`l#$gz(jx1REkM_=xREG-5k7NpC
zQh;kPfqLvEqVC}iT!Z;{{eW0y0eTF?^g@0e52Qyw#^dSE)p$Sz&%6)M$aUtii&BHV
zpWbEv>V8eMbJ-mGm_OS=kUvOfc?*XNPY#2Ru(0ka>C9w5L2G`_~a0I~TAnpp1C`
zq_dSk=t>tTgZX#c0=?yj3EGyGoZoCqvMvIm1)#J2O{d@M#GF(|Gum@#X1$+7Kb*RV
zca!9~R-5LK*Wkp6CUMHA(aBkj8{YC30V3m|&!8%T>yZ=GTYi)*6+9J)f+`Pft51yl
zI3sv}HMYALL5Jmq(rP}cB&>(4I!e(0PBnFJSFl+W`lazGxEKK7~@R5?2x@Y#)
zem=bkv4W9oTeS6|jlI#Cy|8xz@{ia1@1DKMWK!s_r4v3v6(AeEE=V{nI?EEs=?G<$
zeu*GeSye=<*t)bMRdu>ZFq=k5^$ZE&rq%K6H`x7WOb-~UXV<+iOU-YTgtp5F?22~~
zA0*H@$Vs+wbEdOBRS>k6X25*$DzIF;-6-#da{?n90(SAWB811~2yM#6nWzalCyn`S
z#MtS#krgkl`Wx)`pM6kPagxW6`0nrh4)`{#E1UlK*M6UD(nUa80DQ&sK42F2SA5qS
zEC30Vu^nlBZ*AZj%zu+Hxh!Bj0U68tO~w`|S0|f58=O!5eLP9>R0Yi{Ex0CacJoH;
zGkT1QD`;#@t%L;pfJHw9N+<6_V2fPf`Uce$3|Vds_FEQ4tb^Dg2ud9@-X;
z4oNkxf9SZoO>T4)mP?KX@OF0HP^?vb`~bQO{Rii4%D$rz!ir37BaInF
zf_dG_0NccO1ZJ;1dWO*G4)}Sr1`le!P`7d$7f~(SKv-IlIwpg8^>EEBGb|SJ8kG*`
zwIrUe!@Lf)JPA%M5}6VRm*agEi)!kF0wR42a|<+yg>Emu(YGx$aDv``&_6m8d7qB6
z`s|?wJ5BD5F{O?0>Z6#s;I={UjScn=i};y_3ZmP%gho%oY;4WxVmqa_7+&94st8!{
zv0b6*aMEM-9QdT$9~}_sY=o$N$YS_1&uYFQ=Y^y&W8)%%)MV`l_OxW6_4#UHbuz1`
z0Zpc8!jiwadfz&%OZFS0kLfA*fHZmm^I+T-<{fq!Q99Y8gIlxDU!c1u=jDfU3ON+7
z#L^${S{Mtz;49<{RGOI3euaFZ#CngD-zjXR4Q7iD8wuNW$#;@Gtnmnz2z(Uvw(!Z@
za>42L-d>LB5B}#;w~}#rVVK4*R0*Y{4@OCiX3NKFnlwIJ4VZ7Fyk&hWx>2DoS7l;h
zRg3)SL&OJ0FRof*2c_McmwiJtw#LtI?@knq>YzIz4&mAuDEUy^Dexe8Tp!!9?QkT2gt+rA+;18&3K+FsPVi`xbbIKatg}pkNtBaKwgF4(tlI{
z?t%Gl`X@Yl2h_iHaZvwmYWS{|w?I2lODiUThp+a}ql^FAKkvgLkp%Dm^Zq%=#UF%z
z4n6|r-*p4R<1Yb$+(3%A1bIL{XlHqgszhlJz&9C$>xxY)aK)AP@B8N<2XD9V`M=wf
zS);4=X#UooNq{F9uqRbBhF}Xo`vmsWkNtBHcfV2o{NMLDXN^JJRpo!g1@_N%9{jR@
zUbn%`;k&{A>986hV3P3OqSlSB(9egT20
zC$;hB5w=3OnLVw`(w~0XKmY5z5-PBJ{_B|~aQ_@QV+4U*^Kh^*Xa9b@j{SewLZ<~@
z!Uj$-q5kh2S$fZyl3vC0pakD$>hvThkt`*juSuw@NH6G3}|A(aC
z_c)CK*+R8qMgJkQf71&l{~1s(;#Pjsi(u5!syRSrg{KC=uKOXgKjPXTt`+kw^nc&u
z^q&QBqnZ8&TJbO-`)s0i+lLvX){6L4e>*gVB}feyhKgkU^{pm4xKP;S6Nkn!^1
z;h=DE7@8=D#syRb1@9@OCt#RJs4Nlk5nnN(P;^8H%!(5ohKdBQjevv)Cn>{83?l>!
zXn5Fi_Q2s$drezwM=D28HaAmFVVDs36+9mIPhY9JTAMoB`kK1iIyqA5nA+P~e7}^E
zpkkxal$YS*}}0V%}lA7q-<;*O_`~*EX{2k
zo$Q^geW;|I*jcHR+%4ESDPUw*O~AO$!Vc6Ge8Jqt($U(&!x28U>Obufd%Ivq1-@%
zA|fIK9ws;u790mt{BZ{c7a;~7;1uHEaI-Y`aJ6K&zLGXKK-$28;4n8ew{&&quy%9$
zNxnQy?SVtkT-My|=C1BAu|L6}5!`=(IhngTbN!C>FCZ`-u)0(TsxW1k1QIGxRRm}r
z7Ze{5NvuKxj9hqF!EJzazU^Iy<@9x;wf0aKM1Wrq;n2fVRP8L0n1%F_;MK
zW}aXke+2IzwKI3M{~h69>IO8>9uPWL5D5n%1ZoQuEJOZTX#eT9qosSucOL~vxv8@=
zJJ5|GI4tZwjviK^;QzRV>t_Aq7N`qg*N5OZdpNK={7{dpTi1R(^yhmHz%w?!KkH5i
z4tVd^_wcXWlU#fYobQK+$ik%IsB~l$WaeYsYs|F02U$0_
z(03W9G@m5g-rTj3ZjFl>s)VB=Ja+8KFqBM3>dx=EgG_I&kS3cn^tj>(O7gi-^|AUl
zh$jShPlcyj(^V-9iTFvpm@nS(RB4yhP-(_^FD*x)%9tYQ2Z;p95YRFUpyk=>F4j!r;hsf)0{4*MJJv?K#
zT5L5IEN+*TcVQ4O$mS%cxwuzsAGQS2oJ;#y-=z3aT3EzcMTq!%>rMC1#u$#IS#KI}pQ9!WpiCBEO8K3sUCIF?*#{
zL=f7G8-QhDNn>?4C7~ve(cjNG(eu^$&^(hQ_okv7W}4q6^H#^Q%kHVZrt{+n63ZcD
zN(0d|$k8~$_UZPQQZqH(
z5myGxYE_@K1?@Ose60C6m;pO0bP1=K8^A5qd`j7R5{Q^xc&`!WOYT#Whm(!PBR(%p
z5G5s(GDnebsvs92)o6Y}J|_GMga119hi(W$Jm4tq!$RQQzRyIk-g1cy
zgXTbmPShgvR82+_j#em32DKsfTAapknO_5uGbd>@5l3?eJN@)-#xx{*V@km#c@{Gt
z-^(@>Dmd0~rIAUzNWf)M_IR^W;d9%@i6y}A(?m|7#_|g?`3+HJLpk53y|Hf#CO5n$
z%xKuk^^pj6`R}Ta#}!XFIxBphH#fQKsy(;&P#{9unrO`>u20+{d{J?Q)2)kZ#3|0N
z{efc8V*B7Tx=z<K)HzM5akw+)F2=N
zU$7n-A^a@=kNE{u8n9>Lzs@h9NPjoYznV~7(1c!1KTu#uz$^s#*AG8g&3`niKU-ZB
zKPwU$%=F=CH4cA-QJ%7I=NF1Fksl@+n8R?wfEhXH1HiSc7I6LoOyIg8Q}7l#Cr}3S
z@9PbCTK{>_7u;X{)fY5uU-<$eh_GKc1Oj9G!2^RvQ2#WU`F+0N3P`&vCyX0xDkTCd
zj0MJ&$B;)CLG$lZ4Dgk!`Gg$!5*30tOcW-JgaBMZ{x_#OzpfyzEL~=M2-!+#=>4SL
zryrr!VdpBl4q4>TQw{v3`F?EkTsy(cK{DaIir2(K=N7UopLiMIj}Wa-9o^Su&&21Q
zYS;v+-6L`#h$Lbh$p+I!GF>7V%!K+=XEr6*)*v=MbxQRz_n(KyT4TlfYaQ2ljG=U6M|hWKg4u7ASIebSUDM+37N7pQZ#g*(iCLe4As|7Z4d^Q$*3pwSD0?zrlCH
zZ#yu?mrmA!DR#ZlGVg;sZg*q#yH`2+AEtWB*NPJzLiKQUIPgjWeBAO2qi5EOW5?L4
zV#dt~EJqi1%UZ-yn(wKd@Q3&oq4QXM*iP4_jIkCC?z+i4#UhUZtiPbF7!W8EJcOKz
zgLxdy?Te5!UkPIzleU<$!^~3fYS**i+Yh9|^CqTyuj7
z)Tu!$4U8Xa_`k)`m}X6`;!f(n#)qorR3)l;fi-;nXby<;V-5c^uK$7Nf8m;5;i~-|
zw_zK=Z5@2`Z@81KTK|P>c7?0@ciiST0B-lw*FWPnfdwFe{lG$Sf{_edgZXd$5I$=T
z;;!xeBQCHWUASNNvOa&CS-n*JFey-h_3Sx!7QoA30#
z@8*Id!vxZU$%O_j(|7?IXzQv{8<(Uak6zVLC21=5DWkAA{k4Ri@}K9FY@pv?0P8Fi
zMMWwPl)?PFJ%kDc0LOH0AUzQN)gCs#K`pK30rm=nZ8N^tc@Y5u0YWOsD3F&K@v;^V
zvSc3L>a@aqcfxMCD3R4PSswR=Y5|*Diq
z6}TkBOPmU*Pf;$~y>PI-m=K_q_7rg0uI&XbrwO<{#~#l_%b?EN=21;$N%73j@5@G5
z_vO+$Lf-ikJ|47sAd$%_+Tyn5$!?s^8Fj!)hgu~TskKz=$GQ}y}2|Bl0F#6t3S1z`VP=?Ks(U;_KO
zzucIV4=98AciBK-nzaCBW97FPYBi6lM9UGl#|G88+8aTN{0<1L0enoPItNKPv2NQ+
zTGe}feRi4~bQwTq8^bkW1n)W8)#%^0+O1v^df4WTp3;3YZ`DAO&_VyRgikG~6Pl_)WAgPD+^4F@tP=15GR99_#+ChT?4P%&>C>!lKCpgh
zoo;V@psOg7kZj3q8SKkM-6|)x7PEw@!*l}-d+yylp%E?hTXa{Vs}*w5L|h&K>jtNp4UpGR(g9B;x7m~&;C
zMirS(G1I&7?KEU%xi(CK7K&=1!==>uk-DwVr;1f4Bv}0r_qqz?)r^TpfVD${QE=m&
zMkOi*f(%?XpP1Ft?egN$J2)z7qYWYQyf07g42N>RfIS;5W*CTU(+kECGQH)mF0hiF
zupg%vT9cFZ6`!eMe7yi;^xUVzGnKPL0bkh0eKLc%9Vs=;=8~#*q|fQFou~%R*gM^$
zfHKM}votfAD`dnO&c4L1E?Hqrt;eQSVCtd^hK91g?)7=nCmEkW>Dbk_JF6)fYw#N<
zGXi9FRZ~FfCX7FZap>CTDhlg}+Bn~6J5qPK>G}BA7iU-jDubAs`?VLjozcvXt>h?A
zEAipi61w{h_HA2)ie6oEN4NWgZ0cI6Eal?D@NSLX6vN&A5^n18n`a80w8
zpj~-&b+!?-;otYL>i@JW4|^dH+t7vcc8MTSqdK=}V*w%58X9%KcoVtg*7epW(fyKq
zE;t8qy8Zc={@hw?O{q(qNIZ1{C{dLvD*0pTPcQ5_^>_roSnypt2yC7i-94?|_2w^H
z@P#}r`K&u>|JjqHbS`cqac-<3EHg41VbyprE+uN~ZIIzwCekUx*_uG-vlLoF&v)6H
zV|BrYPF61orG^S#bxNJGMJE}X$G-Q{UvH?l)n2DWyLY&o`Wl+H77l;6*NChT`DLMP
z^Sdh5dHS>-=p+8p6y!-?YHP%(MJeN*F|=r(8=sz4_Fr$YLd{&kw8tt|u*@!@C3!8l
z(*9P=!1EgYmY?$(cA7qycda*>f1m{0u6?CVHuu7=Q5-{>nRex86i&BSG3l}ww^}yF
zjqEsTq?&bZgpASzF)KC;+(mtdTAnCO5yWcdEqnXPXU--iJe#Mvv{czlXN{%
zAM$$aV{`Kz+Fyn=UwePJwh39oJ5e-Y$|_`|pB
z>(w737|@X&s2?yNe~o1~l@j(?v5|6*zh^++94S14*%!p+qOm``i)*mu^^(q+|FJkt
zxJjxY9!mZ~1M|TPffCxFH(uiqXZn`?!bJy@@j0Pd=dsE6yuy%+?h-?5b5a{g6Y~r)
z=!!5LjvM!*xyR7t=*NX?sz%e#drStG$vr+Yw{KUs4YTuSUvumzX>phzha2u{vhzIp
zV9)$O 3.3.3.3:443 [proto: 91.440/TLS.CustomProtocolA][IP: 440/CustomProtocolA][Encrypted][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Web/5][3 pkts/222 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][3.05 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 TCP 192.168.1.245:56866 -> 3.3.3.3:443 [proto: 91.443/TLS.CustomProtocolA][IP: 443/CustomProtocolA][Encrypted][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Web/5][3 pkts/222 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][3.05 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 192.168.1.245:58288 -> 3.3.3.3:446 [proto: 800/CustomProtocolC][IP: 800/CustomProtocolC][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][3 pkts/222 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][3.04 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 3 TCP 192.168.1.245:59682 -> 3.3.3.3:444 [proto: 441/CustomProtocolB][IP: 441/CustomProtocolB][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][2 pkts/148 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.02 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 3 TCP 192.168.1.245:59682 -> 3.3.3.3:444 [proto: 444/CustomProtocolB][IP: 444/CustomProtocolB][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][2 pkts/148 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][1.02 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/cfgs/default/result/sites2.pcapng.out b/tests/cfgs/default/result/sites2.pcapng.out
new file mode 100644
index 00000000000..c434eb4afdf
--- /dev/null
+++ b/tests/cfgs/default/result/sites2.pcapng.out
@@ -0,0 +1,36 @@
+DPI Packets (TCP): 21 (7.00 pkts/flow)
+Confidence DPI : 3 (flows)
+Num dissector calls: 3 (1.00 diss/flow)
+LRU cache ookla: 0/0/0 (insert/search/found)
+LRU cache bittorrent: 0/0/0 (insert/search/found)
+LRU cache stun: 0/0/0 (insert/search/found)
+LRU cache tls_cert: 0/0/0 (insert/search/found)
+LRU cache mining: 0/0/0 (insert/search/found)
+LRU cache msteams: 0/0/0 (insert/search/found)
+LRU cache fpc_dns: 0/3/0 (insert/search/found)
+Automa host: 3/3 (search/found)
+Automa domain: 3/0 (search/found)
+Automa tls cert: 0/0 (search/found)
+Automa risk mask: 0/0 (search/found)
+Automa common alpns: 5/5 (search/found)
+Patricia risk mask: 0/0 (search/found)
+Patricia risk mask IPv6: 0/0 (search/found)
+Patricia risk: 0/0 (search/found)
+Patricia risk IPv6: 0/0 (search/found)
+Patricia protocols: 4/2 (search/found)
+Patricia protocols IPv6: 0/0 (search/found)
+
+Shein 13 5080 1
+Temu 20 7323 1
+Taobao 15 7085 1
+
+Acceptable 48 19488 3
+
+JA3 Host Stats:
+ IP Address # JA3C
+ 1 192.168.12.67 3
+
+
+ 1 TCP 192.168.12.67:47694 <-> 20.15.0.9:443 [proto: 91.435/TLS.Temu][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 276/Azure, Confidence: IP address][DPI packets: 7][cat: Shopping/27][10 pkts/1963 bytes <-> 10 pkts/5360 bytes][Goodput ratio: 71/90][0.54 sec][Hostname/SNI: gtm.temu.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.464 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 61/49 282/342 86/112][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 196/536 571/1514 206/532][TCP Fingerprint: 2_64_65535_685ad951a756/Android][TLSv1.3][JA3C: 92768199641a57091d8ad9085387a16f][JA4: t13d1712h2_5b57614c22b0_3f5d972527c0][JA3S: 15af977ce25de452b96affa2addb1036][Safari][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 8,8,8,0,0,0,0,0,0,25,0,0,0,0,0,0,16,8,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0]
+ 2 TCP 192.168.12.67:43446 <-> 59.82.122.224:443 [proto: 91.436/TLS.Taobao][IP: 274/Alibaba][Encrypted][Confidence: DPI][FPC: 274/Alibaba, Confidence: IP address][DPI packets: 8][cat: Shopping/27][9 pkts/2792 bytes <-> 6 pkts/4293 bytes][Goodput ratio: 82/92][0.78 sec][Hostname/SNI: umdc.taobao.com][(Advertised) ALPNs: http/1.1][(Negotiated) ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.212 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 111/64 269/253 125/109][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 310/716 1078/1514 359/618][TCP Fingerprint: 2_64_65535_685ad951a756/Android][TLSv1.2][JA3C: 9b02ebd3a43b62d825e1ac605b621dc8][JA4: t13d1713ht_5b57614c22b0_eca864cca44a][ServerNames: *.alibabachengdun.com,*.alibabachengdun.net,umdc.aliapp.org,*.ynuf.aliapp.org,sgynuf.alibaba.com,pum.m.alibaba.com,ynuf.aliapp.org,mum.hzchengdun.com,mum.m.alibaba.com,umdc.alibaba-inc.com,umidiot.aliapp.org,us-mum.alibabachengdun.com,sg-pum.alibabachengdun.com,sg-pum.alibabachengdun.net,umdc.taobao.com,umdc.tmall.com,alibabachengdun.com][JA3S: 00447ab319e9d94ba2b4c1248e155917][Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3][Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.alibabachengdun.com][Certificate SHA-1: A4:84:85:BF:7A:3D:54:C0:EE:F2:8B:39:E7:ED:56:FB:74:6B:5E:61][Safari][Validity: 2024-09-11 08:46:01 - 2025-09-04 00:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,12,0,0,0,0,0,12,0,0,0,0,0,0,0,12,0,0,0,12,0,0,12,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
+ 3 TCP 192.168.12.67:46892 <-> 2.23.155.106:443 [proto: 91.434/TLS.Shein][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Shopping/27][7 pkts/1067 bytes <-> 6 pkts/4013 bytes][Goodput ratio: 56/90][0.09 sec][Hostname/SNI: img.shein.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.580 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 17/5 58/19 21/8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 152/669 583/1514 178/648][TCP Fingerprint: 2_64_65535_685ad951a756/Android][TLSv1.3][JA3C: f79b6bad2ad0641e1921aef10262856b][JA4: t13d1513h2_8daaf6152771_eca864cca44a][JA3S: 15af977ce25de452b96affa2addb1036][Safari][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0]
diff --git a/tests/cfgs/default/result/synscan.pcap.out b/tests/cfgs/default/result/synscan.pcap.out
index 18abcf36d8e..8ad64102599 100644
--- a/tests/cfgs/default/result/synscan.pcap.out
+++ b/tests/cfgs/default/result/synscan.pcap.out
@@ -145,7 +145,7 @@ Unrated 1848 107192 1844
48 TCP 172.16.0.8:36050 -> 64.13.134.52:2605 [proto: 13/BGP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
49 TCP 172.16.0.8:36050 -> 64.13.134.52:3000 [proto: 26/ntop][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
50 TCP 172.16.0.8:36050 -> 64.13.134.52:3128 [proto: 131/HTTP_Proxy][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Web/5][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 51 TCP 172.16.0.8:36050 -> 64.13.134.52:3260 [proto: 434/iSCSI][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 51 TCP 172.16.0.8:36050 -> 64.13.134.52:3260 [proto: 437/iSCSI][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
52 TCP 172.16.0.8:36050 -> 64.13.134.52:3300 [proto: 381/Ceph][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: DataTransfer/4][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
53 TCP 172.16.0.8:36050 -> 64.13.134.52:3306 [proto: 20/MySQL][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Database/11][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
54 TCP 172.16.0.8:36050 -> 64.13.134.52:3389 [proto: 88/RDP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: RemoteAccess/12][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Desktop/File Sharing **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Found RDP][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -218,7 +218,7 @@ Unrated 1848 107192 1844
121 TCP 172.16.0.8:36051 -> 64.13.134.52:2605 [proto: 13/BGP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_3072_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
122 TCP 172.16.0.8:36051 -> 64.13.134.52:3000 [proto: 26/ntop][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
123 TCP 172.16.0.8:36051 -> 64.13.134.52:3128 [proto: 131/HTTP_Proxy][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Web/5][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 124 TCP 172.16.0.8:36051 -> 64.13.134.52:3260 [proto: 434/iSCSI][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 124 TCP 172.16.0.8:36051 -> 64.13.134.52:3260 [proto: 437/iSCSI][IP: 0/Unknown][ClearText][Confidence: Match by custom rule][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_4096_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
125 TCP 172.16.0.8:36051 -> 64.13.134.52:3300 [proto: 381/Ceph][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: DataTransfer/4][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
126 TCP 172.16.0.8:36051 -> 64.13.134.52:3306 [proto: 20/MySQL][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Database/11][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_1024_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
127 TCP 172.16.0.8:36051 -> 64.13.134.52:3389 [proto: 88/RDP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: RemoteAccess/12][1 pkts/58 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Desktop/File Sharing **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Found RDP][TCP Fingerprint: 2_64_2048_6bbe28597824/Unknown][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
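Review bot: The custom-rule iSCSI flow (flow 124 here, and flow 51 in the preceding hunk) moves from proto 434 to 437, while this same commit assigns 434 to NDPI_PROTOCOL_SHEIN, so a stored record or alert filter keyed on the number alone would now read old iSCSI traffic as Shein. The shift is presumably because ids for custom-rule protocols are allocated after the last built-in id, which would make them change whenever built-in protocols are added. Downstream consumers should match on the protocol name, or re-map ids on upgrade. This is worth stating where the new ids are documented, for example in doc/protocols.rst: `Ids of protocols defined through custom rules follow the last built-in id and are not stable across releases.`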
diff --git a/tests/cfgs/default/result/weibo.pcap.out b/tests/cfgs/default/result/weibo.pcap.out
index af812c1c2c4..24401594da5 100644
--- a/tests/cfgs/default/result/weibo.pcap.out
+++ b/tests/cfgs/default/result/weibo.pcap.out
@@ -11,8 +11,8 @@ LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/0/0 (insert/search/found)
LRU cache mining: 0/21/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
-LRU cache fpc_dns: 7/32/19 (insert/search/found)
-Automa host: 32/28 (search/found)
+LRU cache fpc_dns: 8/32/21 (insert/search/found)
+Automa host: 32/30 (search/found)
Automa domain: 32/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 12/0 (search/found)
@@ -24,13 +24,14 @@ Patricia risk IPv6: 0/0 (search/found)
Patricia protocols: 72/16 (search/found)
Patricia protocols IPv6: 0/0 (search/found)
-DNS 4 476 2
+DNS 2 234 1
HTTP 10 676 4
TLS 23 1578 15
QUIC 23 4118 2
Sina 335 220149 11
Alibaba 8 877 3
SinaWeibo 95 39681 7
+Taobao 2 242 1
Safe 23 1578 15
Acceptable 45 6147 11
@@ -57,7 +58,7 @@ JA3 Host Stats:
14 UDP 192.168.1.105:53543 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.200/DNS.Sina, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/75 bytes <-> 1 pkts/191 bytes][Goodput ratio: 43/78][0.11 sec][Hostname/SNI: img.t.sinajs.cn][93.188.134.246][Risk: ** Minor Issues **][Risk Score: 10][Risk Info: DNS Record with zero TTL][Plen Bins: 0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 UDP 192.168.1.105:41352 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.200/DNS.Sina, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/74 bytes <-> 1 pkts/190 bytes][Goodput ratio: 43/77][0.54 sec][Hostname/SNI: js.t.sinajs.cn][93.188.134.246][Plen Bins: 0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 UDP 192.168.1.105:51440 <-> 192.168.1.1:53 [proto: 5.274/DNS.Alibaba][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.274/DNS.Alibaba, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/72 bytes <-> 1 pkts/171 bytes][Goodput ratio: 41/75][0.19 sec][Hostname/SNI: g.alicdn.com][47.89.65.229][PLAIN TEXT (alicdn)][Plen Bins: 50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 17 UDP 192.168.1.105:33822 <-> 192.168.1.1:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/76 bytes <-> 1 pkts/166 bytes][Goodput ratio: 44/74][0.47 sec][Hostname/SNI: login.taobao.com][140.205.170.63][PLAIN TEXT (taobao)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 17 UDP 192.168.1.105:33822 <-> 192.168.1.1:53 [proto: 5.436/DNS.Taobao][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.436/DNS.Taobao, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/76 bytes <-> 1 pkts/166 bytes][Goodput ratio: 44/74][0.47 sec][Hostname/SNI: login.taobao.com][140.205.170.63][PLAIN TEXT (taobao)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 UDP 192.168.1.105:18035 <-> 192.168.1.1:53 [proto: 5.200/DNS.Sina][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.200/DNS.Sina, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/81 bytes <-> 1 pkts/159 bytes][Goodput ratio: 48/73][0.11 sec][Hostname/SNI: u1.img.mobile.sina.cn][222.73.28.96][PLAIN TEXT (mobile)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 UDP 192.168.1.105:50640 <-> 192.168.1.1:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/77 bytes <-> 1 pkts/157 bytes][Goodput ratio: 45/73][0.47 sec][Hostname/SNI: acjstb.aliyun.com][42.156.184.19][Risk: ** Susp DGA Domain name **** Risky Domain Name **][Risk Score: 150][Risk Info: acjstb.aliyun.com / DGA Name Query with no Error Code][PLAIN TEXT (alibabadns)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 UDP 192.168.1.105:7148 <-> 192.168.1.1:53 [proto: 5.356/DNS.SinaWeibo][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.356/DNS.SinaWeibo, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/73 bytes <-> 1 pkts/142 bytes][Goodput ratio: 42/70][0.06 sec][Hostname/SNI: www.weibo.com][93.188.134.137][Plen Bins: 50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -75,8 +76,8 @@ JA3 Host Stats:
32 TCP 192.168.1.105:58481 <-> 216.58.214.78:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: Match by port][FPC: 126/Google, Confidence: IP address][DPI packets: 2][cat: Web/5][1 pkts/66 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.05 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
33 UDP 192.168.1.105:11798 -> 192.168.1.1:53 [proto: 5.356/DNS.SinaWeibo][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.356/DNS.SinaWeibo, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/77 bytes -> 0 pkts/0 bytes][Goodput ratio: 45/0][< 1 sec][Hostname/SNI: account.weibo.com][0.0.0.0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (account)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
34 TCP 192.168.1.105:42280 -> 222.73.28.96:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 200/Sina, Confidence: DNS][DPI packets: 1][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 35 TCP 192.168.1.105:47721 -> 140.205.170.63:443 [proto: 91/TLS][IP: 274/Alibaba][Encrypted][Confidence: Match by port][FPC: 274/Alibaba, Confidence: IP address][DPI packets: 1][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 36 TCP 192.168.1.105:47723 -> 140.205.170.63:443 [proto: 91/TLS][IP: 274/Alibaba][Encrypted][Confidence: Match by port][FPC: 274/Alibaba, Confidence: IP address][DPI packets: 1][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 35 TCP 192.168.1.105:47721 -> 140.205.170.63:443 [proto: 91/TLS][IP: 274/Alibaba][Encrypted][Confidence: Match by port][FPC: 436/Taobao, Confidence: DNS][DPI packets: 1][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 36 TCP 192.168.1.105:47723 -> 140.205.170.63:443 [proto: 91/TLS][IP: 274/Alibaba][Encrypted][Confidence: Match by port][FPC: 436/Taobao, Confidence: DNS][DPI packets: 1][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
37 TCP 192.168.1.105:48352 -> 140.205.174.1:443 [proto: 91/TLS][IP: 274/Alibaba][Encrypted][Confidence: Match by port][FPC: 274/Alibaba, Confidence: DNS][DPI packets: 1][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
38 TCP 192.168.1.105:48353 -> 140.205.174.1:443 [proto: 91/TLS][IP: 274/Alibaba][Encrypted][Confidence: Match by port][FPC: 274/Alibaba, Confidence: DNS][DPI packets: 1][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
39 TCP 192.168.1.105:48356 -> 140.205.174.1:443 [proto: 91/TLS][IP: 274/Alibaba][Encrypted][Confidence: Match by port][FPC: 274/Alibaba, Confidence: DNS][DPI packets: 1][cat: Web/5][1 pkts/74 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][TCP Fingerprint: 2_64_29200_2e3cee914fc1/Linux][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
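Review bot: Flows 35 and 36 now report `FPC: 436/Taobao, Confidence: DNS`, although nothing in these single-SYN flows identifies Taobao; their `proto` is still 91/TLS by port and their IP match is still 274/Alibaba. The label appears to come from the earlier cleartext answer for login.taobao.com in flow 17, which resolved to the same address, 140.205.170.63. That answer is unauthenticated and the address sits in shared Alibaba space, so a "Confidence: DNS" result is weaker evidence than a DPI match and should not drive policy or alerting decisions alone. The FPC documentation could say so: `An FPC result with Confidence: DNS is derived from a previously observed DNS answer for the destination address, not from the flow's own payload.`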