aboutsummaryrefslogtreecommitdiff
path: root/tests/result/encrypted_sni.pcap.out
diff options
context:
space:
mode:
authorLuca Deri <deri@ntop.org>2020-05-28 21:23:02 +0200
committerLuca Deri <deri@ntop.org>2020-05-28 21:23:02 +0200
commit3085d8e4ff0cb12a6d38c3ebbe75b890777cdaa5 (patch)
tree852068dbdc7c3773ace334132be443e609e58346 /tests/result/encrypted_sni.pcap.out
parent9c3bfeca80a5064ce5ac689002a9f518d0cb3347 (diff)
Refreshed test pcap
Diffstat (limited to 'tests/result/encrypted_sni.pcap.out')
-rw-r--r--tests/result/encrypted_sni.pcap.out49
1 files changed, 5 insertions, 44 deletions
diff --git a/tests/result/encrypted_sni.pcap.out b/tests/result/encrypted_sni.pcap.out
index 4a68509c2..979a98615 100644
--- a/tests/result/encrypted_sni.pcap.out
+++ b/tests/result/encrypted_sni.pcap.out
@@ -1,49 +1,10 @@
-Unknown 345 458793 1
-TLS 289 92723 8
-Skype 17 1649 4
-Google 211 41381 7
-Amazon 38 8058 3
-Telegram 6 711 1
-Microsoft 24 10168 1
-Cloudflare 1003 294893 4
-GoogleServices 66 17380 2
+Cloudflare 3 2310 3
JA3 Host Stats:
IP Address # JA3C
- 1 192.168.1.12 5
+ 1 192.168.1.12 1
- 1 TCP 192.168.1.12:49886 <-> 104.27.129.77:443 [proto: 91.220/TLS.Cloudflare][cat: Web/5][197 pkts/17789 bytes <-> 211 pkts/175194 bytes][Goodput ratio: 40/93][6.64 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.816 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 28/26 1000/1000 139/134][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 90/830 770/1506 77/677][TLSv1.3][JA3C: e5ef852e686954ba9fe060fbfa881e15][JA3S: eb1d94daa7e0344597e756a1fb6e7054][ESNI: 9624CB3C4E230827F78CF5BF640D22DEA33FCC598EA6A32D939905586FBE997B9E68661F8956D4893072E19DE24CD1FB88A9F71FC4CC01BAB5C914FDF96A647D671B5E89859BAEEAB122218688496DF4DF0C328C3D5F940B109CEB2A2743D5CBE3594288A229B8C7E2F88303E3FE1A26A89E5001F2BD936890FEF78F06E05ECC063A68BDB8C18DFAC114CF1FECDB8BE1FC2FEECB2315D27998D682B129FD1E3EB5D7985DCBDC452A1082CCC038E0BF69570FEFAC6BC6FB951F89B6792CADA76403C02CEB5DCE1CE6EDDD16D5F7FB6B85D2B92485448DE0088E421E83F1E28B267FBE3B59AE0496FB845213C271D4C5AC5E9E7E5F6A3072445307FCCEB7306710459991C40CC4DC1FC325154C7974DD780371397805456A19AE23EE88475C1DF07697B666][ESNI Cipher: TLS_AES_128_GCM_SHA256][Cipher: TLS_AES_128_GCM_SHA256]
- 2 TCP 192.168.1.12:49866 <-> 104.16.249.249:443 [proto: 91.220/TLS.Cloudflare][cat: Web/5][296 pkts/27565 bytes <-> 215 pkts/33001 bytes][Goodput ratio: 42/64][9.05 sec][bytes ratio: -0.090 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 24/16 1275/347 106/51][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 93/153 164/460 42/114]
- 3 TCP 192.168.1.12:49897 <-> 104.22.71.197:443 [proto: 91.220/TLS.Cloudflare][cat: Web/5][26 pkts/2613 bytes <-> 30 pkts/32244 bytes][Goodput ratio: 45/95][0.10 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.850 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/1 24/24 7/5][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 100/1075 770/1506 143/601][TLSv1.3][JA3C: e5ef852e686954ba9fe060fbfa881e15][JA3S: eb1d94daa7e0344597e756a1fb6e7054][ESNI: CD69AC727FFAA0EA70A12AA46E71537EB99234B996818C913C72A0AC1184BFA5DD3B617E013E4CA092B2E9CFB78BCD8D33CBAF12A974DFB78E49B8BF9A57997418EF14C87830961E3C8480D2A4BF27D61D911CEF4300924A9F36105748BAED845FF585E40406545BB35C6DAAD7896433EC4DFD6B6F49728DA85D707DB7AC784F55A6658DC6ADE3087B1E46BBBEDFA44F3E8754B31A6BCF8519D291D3629805FA826E43799EA6E33021CF0A83CA05717B00F37D69841934F5B5BF254C6467888A592C38A3007DB3B7D5CBB8DB742B657F8F973C050BAA817AA571393CD8A4BC0B2312460A77DD0510F4BBCE43D53BCF334E4E8C7570255BBD17714403F4B6925434CD67F96FA9E05D700776810EEB5786B1C8188A4D73F8208B614B93284A8093929594BE][ESNI Cipher: TLS_AES_128_GCM_SHA256][Cipher: TLS_AES_128_GCM_SHA256]
- 4 TCP 192.168.1.12:49896 <-> 99.86.154.2:443 [proto: 91/TLS][cat: Web/5][91 pkts/12581 bytes <-> 50 pkts/19197 bytes][Goodput ratio: 52/83][1.76 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.208 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 20/36 70/84 13/21][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 138/384 583/1506 87/262][TLSv1.2][Client: content-signature-2.cdn.mozilla.net][JA3C: f6ce47303dce394049af395fc6d0bc20][ServerNames: *.cdn.mozilla.net,cdn.mozilla.net][JA3S: a84411fe11abb8400851be52dd0cba5a][Issuer: C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA][Subject: C=US, ST=California, L=Mountain View, O=Mozilla Corporation, OU=Cloud Services, CN=*.cdn.mozilla.net][Certificate SHA-1: EB:4E:81:DD:7C:55:BA:97:15:65:2E:CF:56:47:FB:88:77:E5:5A:8F][Validity: 2019-12-10 00:00:00 - 2020-12-09 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
- 5 TCP 192.168.1.12:49889 <-> 23.111.9.35:443 [proto: 91/TLS][cat: Web/5][22 pkts/2419 bytes <-> 23 pkts/26232 bytes][Goodput ratio: 50/95][0.14 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.831 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 8/6 31/33 12/11][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 110/1141 571/1506 121/570][TLSv1.2][Client: use.fontawesome.com][JA3C: f6ce47303dce394049af395fc6d0bc20][ServerNames: *.fontawesome.com,fontawesome.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA][Subject: C=US, ST=Massachusetts, L=Cambridge, O=Fonticons Inc, OU=Font Awesome, CN=*.fontawesome.com][Certificate SHA-1: 7B:2F:0F:22:72:BA:87:DF:1E:0F:40:C0:4C:10:46:76:6D:1D:A8:BF][Validity: 2019-10-28 00:00:00 - 2020-12-23 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
- 6 TCP 192.168.1.12:49885 <-> 216.58.198.4:443 [proto: 91.126/TLS.Google][cat: Web/5][64 pkts/6396 bytes <-> 61 pkts/9689 bytes][Goodput ratio: 34/58][1.94 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.205 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 29/30 295/228 63/54][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 100/159 583/1484 74/244][TLSv1.3][Client: www.google.com][JA3C: f6ce47303dce394049af395fc6d0bc20][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256]
- 7 TCP 192.168.1.12:49881 <-> 52.114.158.91:443 [proto: 91.212/TLS.Microsoft][cat: Cloud/13][12 pkts/2767 bytes <-> 12 pkts/7401 bytes][Goodput ratio: 71/89][1.84 sec][bytes ratio: -0.456 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 176/141 481/383 176/141][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 231/617 1286/1506 340/644][TLSv1.2][Client: mobile.pipe.aria.microsoft.com][JA3C: e4d448cdfe06dc1243c1eb026c74ac9a][ServerNames: *.events.data.microsoft.com,events.data.microsoft.com,*.pipe.aria.microsoft.com,pipe.skype.com,*.pipe.skype.com,*.mobile.events.data.microsoft.com,mobile.events.data.microsoft.com,*.events.data.msn.com,events.data.msn.com,*.events.data.msn.cn,events.data.msn.cn][JA3S: 986571066668055ae9481cb84fda634a][Issuer: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 1][Subject: CN=*.events.data.microsoft.com][Certificate SHA-1: 1A:C2:39:FF:84:FE:1A:C9:81:F5:45:9A:D0:A0:F2:66:D1:8C:38:C9][Validity: 2020-05-07 19:12:58 - 2022-05-07 19:12:58][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
- 8 TCP 192.168.1.12:49891 <-> 216.58.206.42:443 [proto: 91.239/TLS.GoogleServices][cat: Web/5][17 pkts/2231 bytes <-> 15 pkts/6521 bytes][Goodput ratio: 49/85][0.26 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.490 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/4 31/18 9/7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 131/435 583/1484 134/502][TLSv1.3][Client: fonts.googleapis.com][JA3C: f6ce47303dce394049af395fc6d0bc20][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256]
- 9 TCP 192.168.1.12:49893 <-> 216.58.205.74:443 [proto: 91.239/TLS.GoogleServices][cat: Web/5][19 pkts/2516 bytes <-> 15 pkts/6112 bytes][Goodput ratio: 50/84][0.10 sec][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.417 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/3 31/16 9/6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 132/407 583/1484 140/548][TLSv1.2][Client: safebrowsing.googleapis.com][JA3C: 7570245c781d7d7a68e31419177e728d][ServerNames: upload.video.google.com,*.clients.google.com,*.docs.google.com,*.drive.google.com,*.gdata.youtube.com,*.googleapis.com,*.photos.google.com,*.upload.google.com,*.upload.youtube.com,*.youtube-3rd-party.com,upload.google.com,upload.youtube.com,uploads.stage.gdata.youtube.com][JA3S: 5badad76fbdd6e8b6296e2e9f4024401][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=upload.video.google.com][Certificate SHA-1: 7B:83:A0:7A:6D:06:0A:26:7E:01:B9:1A:4D:1A:48:05:A3:7A:C1:1A][Validity: 2020-05-05 08:30:35 - 2020-07-28 08:30:35][Cipher: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256]
- 10 TCP 192.168.1.12:49894 <-> 99.86.154.40:443 [proto: 91/TLS][cat: Web/5][11 pkts/1670 bytes <-> 10 pkts/6073 bytes][Goodput ratio: 56/89][10.24 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.569 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1135/2 10175/14 3196/5][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 152/607 583/1506 163/560][TLSv1.2][Client: normandy.cdn.mozilla.net][JA3C: f6ce47303dce394049af395fc6d0bc20][ServerNames: *.cdn.mozilla.net,cdn.mozilla.net][JA3S: beb7069ae409bccfed702c17ad004223][Issuer: C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA][Subject: C=US, ST=California, L=Mountain View, O=Mozilla Corporation, OU=Cloud Services, CN=*.cdn.mozilla.net][Certificate SHA-1: EB:4E:81:DD:7C:55:BA:97:15:65:2E:CF:56:47:FB:88:77:E5:5A:8F][Validity: 2019-12-10 00:00:00 - 2020-12-09 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
- 11 TCP 192.168.1.12:49895 <-> 34.98.75.36:443 [proto: 91/TLS][cat: Web/5][17 pkts/2167 bytes <-> 14 pkts/5269 bytes][Goodput ratio: 48/82][0.23 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.417 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/15 19/131 7/39][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 127/376 583/1484 129/492][TLSv1.3][Client: classify-client.services.mozilla.com][JA3C: f6ce47303dce394049af395fc6d0bc20][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256]
- 12 TCP 192.168.1.12:49882 <-> 13.35.43.88:443 [proto: 91.178/TLS.Amazon][cat: Web/5][14 pkts/1823 bytes <-> 12 pkts/5515 bytes][Goodput ratio: 49/85][0.11 sec][ALPN: h2;http/1.1][bytes ratio: -0.503 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 8/8 48/53 14/16][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 130/460 375/1506 95/552][TLSv1.2][Client: aus5.mozilla.org][JA3C: 839bbe3ed07fed922ded5aaf714d6842][ServerNames: aus5.mozilla.org,aus-api.mozilla.org,balrog-cloudfront.prod.mozaws.net][JA3S: a84411fe11abb8400851be52dd0cba5a][Issuer: C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA][Subject: C=US, ST=California, L=Mountain View, O=Mozilla Corporation, OU=Cloud Services, CN=aus5.mozilla.org][Certificate SHA-1: EB:B4:89:6C:5B:34:A7:AE:FF:9E:B7:76:A9:E2:38:09:4A:AF:C2:68][Validity: 2019-06-27 00:00:00 - 2021-06-16 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
- 13 TCP 192.168.1.12:49888 <-> 23.111.9.35:443 [proto: 91/TLS][cat: Web/5][13 pkts/1594 bytes <-> 10 pkts/5583 bytes][Goodput ratio: 54/90][0.16 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.556 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/12 50/35 18/15][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 123/558 571/1506 142/629][TLSv1.2][Client: use.fontawesome.com][JA3C: f6ce47303dce394049af395fc6d0bc20][ServerNames: *.fontawesome.com,fontawesome.com][JA3S: 76cc3e2d3028143b23ec18e27dbd7ca9][Issuer: C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA][Subject: C=US, ST=Massachusetts, L=Cambridge, O=Fonticons Inc, OU=Font Awesome, CN=*.fontawesome.com][Certificate SHA-1: 7B:2F:0F:22:72:BA:87:DF:1E:0F:40:C0:4C:10:46:76:6D:1D:A8:BF][Validity: 2019-10-28 00:00:00 - 2020-12-23 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
- 14 TCP 192.168.1.12:49890 <-> 192.0.76.3:443 [proto: 91/TLS][cat: Web/5][14 pkts/6984 bytes <-> 1 pkts/66 bytes][Goodput ratio: 89/0][17.10 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: 0.981 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/0 1277/0 3104/0 1320/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 499/66 571/66 177/0][TLSv1.2][Client: stats.wp.com][JA3C: f6ce47303dce394049af395fc6d0bc20]
- 15 TCP 192.168.1.12:49887 <-> 104.16.125.175:443 [proto: 91.220/TLS.Cloudflare][cat: Web/5][14 pkts/2121 bytes <-> 14 pkts/4366 bytes][Goodput ratio: 63/81][0.29 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.346 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 8/6 22/22 9/9][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 152/312 770/1506 185/446][TLSv1.3][JA3C: e5ef852e686954ba9fe060fbfa881e15][JA3S: eb1d94daa7e0344597e756a1fb6e7054][ESNI: B900004E39E84B98F5AE87B0A020EC49FED86F2B488B6AB28BDE9F957621F2774366DE90E65C4CA808668911624685EC4C6DC6C161A97CBE82281BC08427697AA3BE6A40E5F00ACF8B63E329317B0E4E85642D50AB8790E6197DA62D9F5B3239DCC59437797FE768A520C9D471FEABA1375DF61E4A39B09363CB109E7B24A793844896DDD16B6EE7DBE576D767161D782D7BF6FEC453A05A923D8D8E9BEFFC97E8E56C4F1AAB70FE99BC97819E1D908A5F3B3094F4BF25EB7A24A94FDBC3E107A423B8BB341F22900F7BBD87780E30B6ECF393FEB8FBFFEB54C79FA0673FE1AAD17B221D4BFF6450AA0CD4AF513066B66080B602147F3ACB7145A436C5689DA20BACB8BF9BABD851012556EC8F7BB9D74BFAAF25DCF4362A5775607C3CE5C2C29F183969][ESNI Cipher: TLS_AES_128_GCM_SHA256][Cipher: TLS_AES_128_GCM_SHA256]
- 16 TCP 192.168.1.12:49899 <-> 216.58.206.67:443 [proto: 91.126/TLS.Google][cat: Web/5][11 pkts/1530 bytes <-> 8 pkts/3824 bytes][Goodput ratio: 52/86][0.25 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.428 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 26/7 173/24 53/10][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 139/478 583/1484 150/567][TLSv1.3][Client: fonts.gstatic.com][JA3C: f6ce47303dce394049af395fc6d0bc20][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256]
- 17 TCP 192.168.1.12:49900 <-> 216.58.206.67:443 [proto: 91.126/TLS.Google][cat: Web/5][11 pkts/1530 bytes <-> 7 pkts/3759 bytes][Goodput ratio: 52/87][0.25 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.421 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 26/8 177/18 54/9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 139/537 583/1484 150/583][TLSv1.3][Client: fonts.gstatic.com][JA3C: f6ce47303dce394049af395fc6d0bc20][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256]
- 18 TCP 192.168.1.12:49901 <-> 216.58.206.67:443 [proto: 91.126/TLS.Google][cat: Web/5][11 pkts/1530 bytes <-> 7 pkts/3759 bytes][Goodput ratio: 52/87][0.25 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.421 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 26/8 174/17 53/8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 139/537 583/1484 150/583][TLSv1.3][Client: fonts.gstatic.com][JA3C: f6ce47303dce394049af395fc6d0bc20][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256]
- 19 TCP 192.168.1.12:49898 <-> 216.58.206.67:443 [proto: 91.126/TLS.Google][cat: Web/5][9 pkts/1388 bytes <-> 7 pkts/3758 bytes][Goodput ratio: 56/87][0.22 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.461 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 28/9 151/16 51/7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 154/537 583/1484 160/583][TLSv1.3][Client: fonts.gstatic.com][JA3C: f6ce47303dce394049af395fc6d0bc20][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256]
- 20 TCP 192.168.1.12:49883 <-> 216.58.198.4:443 [proto: 91.126/TLS.Google][cat: Web/5][6 pkts/925 bytes <-> 5 pkts/2963 bytes][Goodput ratio: 56/89][0.09 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.524 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 19/10 31/16 12/7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 154/593 583/1484 192/645][TLSv1.3][Client: www.google.com][JA3C: f6ce47303dce394049af395fc6d0bc20][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Cipher: TLS_AES_128_GCM_SHA256]
- 21 TCP 192.168.1.12:49783 <-> 193.206.135.160:443 [proto: 91/TLS][cat: Web/5][6 pkts/708 bytes <-> 3 pkts/1940 bytes][Goodput ratio: 44/90][18.03 sec][bytes ratio: -0.465 (Download)][IAT c2s/s2c min/avg/max/stddev: 27/9000 3606/9001 8974/9002 4382/1][Pkt Len c2s/s2c min/avg/max/stddev: 66/638 118/647 170/661 52/10]
- 22 TCP 52.114.76.89:443 <-> 192.168.1.12:49778 [proto: 91.125/TLS.Skype][cat: VoIP/10][5 pkts/693 bytes <-> 5 pkts/455 bytes][Goodput ratio: 60/41][0.11 sec][bytes ratio: 0.207 (Upload)][IAT c2s/s2c min/avg/max/stddev: 107/8 27/2 107/8 46/3][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 139/91 259/239 72/74]
- 23 TCP 149.154.167.91:443 <-> 192.168.1.12:49233 [proto: 91.185/TLS.Telegram][cat: Chat/9][3 pkts/513 bytes <-> 3 pkts/198 bytes][Goodput ratio: 61/0][5.13 sec][bytes ratio: 0.443 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1103/1103 2565/2565 4027/4027 1462/1462][Pkt Len c2s/s2c min/avg/max/stddev: 171/66 171/66 171/66 0/0]
- 24 TCP 192.168.1.12:49870 <-> 13.35.43.56:443 [proto: 91.178/TLS.Amazon][cat: Web/5][3 pkts/162 bytes <-> 3 pkts/198 bytes][Goodput ratio: 0/0][20.40 sec][bytes ratio: -0.100 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 10049/10050 10194/10194 10339/10339 145/144][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 54/66 54/66 0/0]
- 25 TCP 192.168.1.12:49873 <-> 13.35.43.86:443 [proto: 91.178/TLS.Amazon][cat: Web/5][3 pkts/162 bytes <-> 3 pkts/198 bytes][Goodput ratio: 0/0][20.40 sec][bytes ratio: -0.100 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 10046/10046 10192/10192 10339/10339 146/146][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 54/66 54/66 0/0]
- 26 TCP 192.168.1.12:57853 <-> 35.186.224.47:443 [proto: 91.126/TLS.Google][cat: Web/5][2 pkts/167 bytes <-> 2 pkts/163 bytes][Goodput ratio: 21/19][0.03 sec]
- 27 TCP 192.168.1.12:57830 <-> 52.113.199.42:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][2 pkts/166 bytes <-> 1 pkts/101 bytes][Goodput ratio: 35/46][0.03 sec]
- 28 TCP 192.168.1.12:49879 <-> 80.67.68.64:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/132 bytes][Goodput ratio: 0/0][10.30 sec]
- 29 TCP 192.168.1.12:49859 <-> 52.114.88.59:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][1 pkts/54 bytes <-> 1 pkts/66 bytes][Goodput ratio: 0/0][0.04 sec]
- 30 TCP 192.168.1.12:49855 <-> 52.114.75.17:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][1 pkts/54 bytes <-> 1 pkts/60 bytes][Goodput ratio: 0/0][0.03 sec]
-
-
-Undetected flows:
- 1 UDP 192.168.1.12:50092 <-> 193.206.135.160:443 [proto: 0/Unknown][36 pkts/2739 bytes <-> 309 pkts/456054 bytes][Goodput ratio: 45/97][18.06 sec][bytes ratio: -0.988 (Download)][IAT c2s/s2c min/avg/max/stddev: 6/0 2242/33 8950/8983 3873/542][Pkt Len c2s/s2c min/avg/max/stddev: 71/165 76/1476 132/1494 17/142][PLAIN TEXT (uLXe11)]
+ 1 TCP 192.168.1.12:49886 -> 104.27.129.77:443 [proto: 91.220/TLS.Cloudflare][cat: Web/5][1 pkts/770 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][< 1 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][TLSv1.2][JA3C: e5ef852e686954ba9fe060fbfa881e15][ESNI: 9624CB3C4E230827F78CF5BF640D22DEA33FCC598EA6A32D939905586FBE997B9E68661F8956D4893072E19DE24CD1FB88A9F71FC4CC01BAB5C914FDF96A647D671B5E89859BAEEAB122218688496DF4DF0C328C3D5F940B109CEB2A2743D5CBE3594288A229B8C7E2F88303E3FE1A26A89E5001F2BD936890FEF78F06E05ECC063A68BDB8C18DFAC114CF1FECDB8BE1FC2FEECB2315D27998D682B129FD1E3EB5D7985DCBDC452A1082CCC038E0BF69570FEFAC6BC6FB951F89B6792CADA76403C02CEB5DCE1CE6EDDD16D5F7FB6B85D2B92485448DE0088E421E83F1E28B267FBE3B59AE0496FB845213C271D4C5AC5E9E7E5F6A3072445307FCCEB7306710459991C40CC4DC1FC325154C7974DD780371397805456A19AE23EE88475C1DF07697B666][ESNI Cipher: TLS_AES_128_GCM_SHA256][PLAIN TEXT (http/1.1)]
+ 2 TCP 192.168.1.12:49887 -> 104.16.125.175:443 [proto: 91.220/TLS.Cloudflare][cat: Web/5][1 pkts/770 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][< 1 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][TLSv1.2][JA3C: e5ef852e686954ba9fe060fbfa881e15][ESNI: B900004E39E84B98F5AE87B0A020EC49FED86F2B488B6AB28BDE9F957621F2774366DE90E65C4CA808668911624685EC4C6DC6C161A97CBE82281BC08427697AA3BE6A40E5F00ACF8B63E329317B0E4E85642D50AB8790E6197DA62D9F5B3239DCC59437797FE768A520C9D471FEABA1375DF61E4A39B09363CB109E7B24A793844896DDD16B6EE7DBE576D767161D782D7BF6FEC453A05A923D8D8E9BEFFC97E8E56C4F1AAB70FE99BC97819E1D908A5F3B3094F4BF25EB7A24A94FDBC3E107A423B8BB341F22900F7BBD87780E30B6ECF393FEB8FBFFEB54C79FA0673FE1AAD17B221D4BFF6450AA0CD4AF513066B66080B602147F3ACB7145A436C5689DA20BACB8BF9BABD851012556EC8F7BB9D74BFAAF25DCF4362A5775607C3CE5C2C29F183969][ESNI Cipher: TLS_AES_128_GCM_SHA256][PLAIN TEXT (http/1.1)]
+ 3 TCP 192.168.1.12:49897 -> 104.22.71.197:443 [proto: 91.220/TLS.Cloudflare][cat: Web/5][1 pkts/770 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][< 1 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][TLSv1.2][JA3C: e5ef852e686954ba9fe060fbfa881e15][ESNI: CD69AC727FFAA0EA70A12AA46E71537EB99234B996818C913C72A0AC1184BFA5DD3B617E013E4CA092B2E9CFB78BCD8D33CBAF12A974DFB78E49B8BF9A57997418EF14C87830961E3C8480D2A4BF27D61D911CEF4300924A9F36105748BAED845FF585E40406545BB35C6DAAD7896433EC4DFD6B6F49728DA85D707DB7AC784F55A6658DC6ADE3087B1E46BBBEDFA44F3E8754B31A6BCF8519D291D3629805FA826E43799EA6E33021CF0A83CA05717B00F37D69841934F5B5BF254C6467888A592C38A3007DB3B7D5CBB8DB742B657F8F973C050BAA817AA571393CD8A4BC0B2312460A77DD0510F4BBCE43D53BCF334E4E8C7570255BBD17714403F4B6925434CD67F96FA9E05D700776810EEB5786B1C8188A4D73F8208B614B93284A8093929594BE][ESNI Cipher: TLS_AES_128_GCM_SHA256][PLAIN TEXT (http/1.1)]
Powered by cgit, Themed by Ted Yin.