diff options
Diffstat (limited to 'tests/cfgs/default/result/telegram_videocall.pcapng.out')
| -rw-r--r-- | tests/cfgs/default/result/telegram_videocall.pcapng.out | 68 |
1 files changed, 34 insertions, 34 deletions
diff --git a/tests/cfgs/default/result/telegram_videocall.pcapng.out b/tests/cfgs/default/result/telegram_videocall.pcapng.out index f1b63f8ad..a29c6f5c0 100644 --- a/tests/cfgs/default/result/telegram_videocall.pcapng.out +++ b/tests/cfgs/default/result/telegram_videocall.pcapng.out @@ -38,37 +38,37 @@ TelegramVoip 228 41561 16 Safe 4 295 1 Acceptable 883 382822 33 - 1 TCP 192.168.12.169:37950 <-> 149.154.167.91:443 [proto: 185/Telegram][IP: 185/Telegram][Encrypted][Confidence: Match by IP][DPI packets: 4][cat: Chat/9][156 pkts/40749 bytes <-> 214 pkts/142865 bytes][Goodput ratio: 75/90][41.14 sec][bytes ratio: -0.556 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 246/152 12847/5983 1291/707][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 261/668 1090/1294 224/564][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 7.257 (Encrypted Executable?)][PLAIN TEXT (MMHu@J)][Plen Bins: 0,0,2,2,4,5,6,4,4,3,0,1,0,0,1,0,2,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,60,0,0,0,0,0,0,0,0,0] - 2 TCP 192.168.12.169:40830 <-> 149.154.167.222:443 [proto: 185/Telegram][IP: 185/Telegram][Encrypted][Confidence: Match by IP][DPI packets: 4][cat: Chat/9][80 pkts/7287 bytes <-> 100 pkts/120708 bytes][Goodput ratio: 27/95][28.19 sec][bytes ratio: -0.886 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 437/1 25008/31 3114/5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 91/1207 644/1294 95/289][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 7.638 (Encrypted or Random?)][PLAIN TEXT (elySaT)][Plen Bins: 0,0,0,0,0,1,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,94,0,0,0,0,0,0,0,0,0] - 3 UDP 192.168.12.169:42405 <-> 93.36.13.115:35393 [proto: 78.355/STUN.TelegramVoip][IP: 0/Unknown][ClearText][Confidence: DPI (cache)][DPI packets: 7][cat: VoIP/10][59 pkts/17987 bytes <-> 55 pkts/9102 bytes][Goodput ratio: 86/75][2.02 sec][bytes ratio: 0.328 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/28 306/117 48/28][Pkt Len c2s/s2c min/avg/max/stddev: 65/63 305/165 1154/435 330/102][Mapped IP/Port: 93.36.13.115:35393][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (BPEmhF0)][Plen Bins: 8,28,25,7,0,0,0,15,0,1,1,0,2,1,0,1,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0] - 4 TCP 192.168.12.169:40832 <-> 149.154.167.222:443 [proto: 185/Telegram][IP: 185/Telegram][Encrypted][Confidence: Match by IP][DPI packets: 4][cat: Chat/9][18 pkts/2256 bytes <-> 15 pkts/13705 bytes][Goodput ratio: 47/93][28.20 sec][bytes ratio: -0.717 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 218/280 2909/2997 746/859][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 125/914 644/1294 150/495][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 7.526 (Encrypted or Random?)][PLAIN TEXT (lmd/HB)][Plen Bins: 0,0,0,0,6,6,6,0,0,0,6,0,0,0,0,0,0,0,6,6,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,57,0,0,0,0,0,0,0,0,0] - 5 TCP 192.168.12.169:46862 <-> 149.154.167.51:443 [proto: 185/Telegram][IP: 185/Telegram][Encrypted][Confidence: Match by IP][DPI packets: 4][cat: Chat/9][11 pkts/1963 bytes <-> 8 pkts/2558 bytes][Goodput ratio: 63/79][10.13 sec][bytes ratio: -0.132 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1124/32 9909/87 3106/31][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 178/320 452/670 155/261][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 7.322 (Encrypted or Random?)][Plen Bins: 0,0,0,11,0,22,0,0,0,0,22,0,11,0,0,0,11,0,22,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 6 TCP 192.168.12.169:46866 <-> 149.154.167.51:443 [proto: 185/Telegram][IP: 185/Telegram][Encrypted][Confidence: Match by IP][DPI packets: 4][cat: Chat/9][9 pkts/1879 bytes <-> 6 pkts/1822 bytes][Goodput ratio: 68/78][10.11 sec][bytes ratio: 0.015 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/30 1440/34 9925/41 3464/5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 209/304 436/839 161/306][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 7.504 (Encrypted or Random?)][Plen Bins: 0,0,0,14,0,0,0,14,0,14,0,28,0,0,0,0,14,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 7 UDP 192.168.12.169:40643 <-> 91.108.9.35:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI][DPI packets: 7][cat: VoIP/10][8 pkts/1224 bytes <-> 10 pkts/1236 bytes][Goodput ratio: 72/66][14.20 sec][Hostname/SNI: telegram.org][bytes ratio: -0.005 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 35/0 2360/1766 13458/13458 4964/4420][Pkt Len c2s/s2c min/avg/max/stddev: 70/102 153/124 170/190 33/25][Mapped IP/Port: 93.47.225.70:11618][Peer IP/Port: 93.36.13.115:35393][Relayed IP/Port: 91.108.9.35:56058][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (Unauthorized)][Plen Bins: 5,16,34,16,27,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 8 UDP 192.168.12.169:40906 -> 10.46.103.200:42554 [proto: 78.355/STUN.TelegramVoip][IP: 0/Unknown][ClearText][Confidence: DPI (cache)][DPI packets: 7][cat: VoIP/10][13 pkts/1846 bytes -> 0 pkts/0 bytes][Goodput ratio: 70/0][13.47 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 98/0 1088/0 1553/0 481/0][Pkt Len c2s/s2c min/avg/max/stddev: 142/0 142/0 142/0 0/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic][PLAIN TEXT (BBEvpfJJpa)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 9 UDP 192.168.12.169:42405 -> 10.46.103.200:42554 [proto: 78.355/STUN.TelegramVoip][IP: 0/Unknown][ClearText][Confidence: DPI (cache)][DPI packets: 7][cat: VoIP/10][13 pkts/1846 bytes -> 0 pkts/0 bytes][Goodput ratio: 70/0][13.02 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 97/0 1047/0 2004/0 541/0][Pkt Len c2s/s2c min/avg/max/stddev: 142/0 142/0 142/0 0/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic][PLAIN TEXT (bfyeXPVa97N)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 10 TCP 192.168.12.169:40834 <-> 149.154.167.222:443 [proto: 185/Telegram][IP: 185/Telegram][Encrypted][Confidence: Match by IP][DPI packets: 4][cat: Chat/9][5 pkts/788 bytes <-> 3 pkts/890 bytes][Goodput ratio: 57/77][0.17 sec][bytes ratio: -0.061 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 6/47 24/68 42/90 14/22][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 158/297 315/750 110/321][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 7.107 (Compressed Executable?)][Plen Bins: 0,0,0,0,0,0,33,33,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 11 UDP 192.168.12.169:49667 <-> 91.108.13.23:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI][DPI packets: 7][cat: VoIP/10][6 pkts/912 bytes <-> 6 pkts/704 bytes][Goodput ratio: 72/64][14.30 sec][Hostname/SNI: telegram.org][bytes ratio: 0.129 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 82/81 176/176 283/284 76/77][Pkt Len c2s/s2c min/avg/max/stddev: 70/102 152/117 170/134 37/14][Mapped IP/Port: 93.47.225.70:11619][Peer IP/Port: 93.36.13.115:35393][Relayed IP/Port: 91.108.13.23:62318][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (ehscoNGDW)][Plen Bins: 8,16,33,16,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 12 UDP 192.168.12.169:49780 <-> 91.108.17.2:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI][DPI packets: 7][cat: VoIP/10][6 pkts/912 bytes <-> 6 pkts/704 bytes][Goodput ratio: 72/64][14.31 sec][Hostname/SNI: telegram.org][bytes ratio: 0.129 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 83/84 174/175 253/252 62/61][Pkt Len c2s/s2c min/avg/max/stddev: 70/102 152/117 170/134 37/14][Mapped IP/Port: 93.47.225.70:11620][Peer IP/Port: 93.36.13.115:35393][Relayed IP/Port: 91.108.17.2:45408][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (Unauthorized)][Plen Bins: 8,16,33,16,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 13 TCP 192.168.12.169:37966 <-> 149.154.167.91:443 [proto: 185/Telegram][IP: 185/Telegram][Encrypted][Confidence: Match by IP][DPI packets: 4][cat: Chat/9][5 pkts/1117 bytes <-> 3 pkts/464 bytes][Goodput ratio: 70/55][0.15 sec][bytes ratio: 0.413 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/32 20/62 33/91 13/30][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 223/155 532/324 196/120][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 7.574 (Encrypted or Random?)][Plen Bins: 0,0,0,0,0,0,0,0,33,33,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 14 UDP 192.168.12.169:37444 <-> 91.108.17.2:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI][DPI packets: 6][cat: VoIP/10][3 pkts/402 bytes <-> 3 pkts/378 bytes][Goodput ratio: 68/66][14.31 sec][Hostname/SNI: telegram.org][bytes ratio: 0.031 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 159/159 7082/7082 14005/14005 6923/6923][Pkt Len c2s/s2c min/avg/max/stddev: 70/110 134/126 166/134 45/11][Mapped IP/Port: 93.47.225.70:11623][Relayed IP/Port: 91.108.17.2:35898][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (Unauthorized)][Plen Bins: 16,0,50,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 15 UDP 192.168.12.169:37530 <-> 91.108.13.23:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI][DPI packets: 6][cat: VoIP/10][3 pkts/402 bytes <-> 3 pkts/378 bytes][Goodput ratio: 68/66][14.30 sec][Hostname/SNI: telegram.org][bytes ratio: 0.031 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 133/132 7082/7082 14032/14032 6950/6950][Pkt Len c2s/s2c min/avg/max/stddev: 70/110 134/126 166/134 45/11][Mapped IP/Port: 93.47.225.70:11622][Relayed IP/Port: 91.108.13.23:34290][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (Unauthorized)][Plen Bins: 16,0,50,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 16 UDP 192.168.12.169:37849 <-> 91.108.9.35:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI][DPI packets: 6][cat: VoIP/10][3 pkts/402 bytes <-> 3 pkts/378 bytes][Goodput ratio: 68/66][14.20 sec][Hostname/SNI: telegram.org][bytes ratio: 0.031 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 30/45 7084/7084 14138/14124 7054/7040][Pkt Len c2s/s2c min/avg/max/stddev: 70/110 134/126 166/134 45/11][Mapped IP/Port: 93.47.225.70:11621][Relayed IP/Port: 91.108.9.35:63273][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (Bs/cdOs)][Plen Bins: 16,0,50,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 17 UDP 192.168.12.169:40906 <-> 93.36.13.115:35393 [proto: 78.355/STUN.TelegramVoip][IP: 0/Unknown][ClearText][Confidence: DPI (cache)][DPI packets: 4][cat: VoIP/10][2 pkts/248 bytes <-> 2 pkts/244 bytes][Goodput ratio: 66/65][0.13 sec][Mapped IP/Port: 93.36.13.115:35393][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Plen Bins: 0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 18 UDP 192.168.12.169:40906 <-> 91.108.9.35:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][DPI packets: 4][cat: VoIP/10][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.06 sec][Mapped IP/Port: 93.47.225.70:11616][Rsp Origin IP/Port: 91.108.9.35:1400][Other IP/Port: 10.67.66.99:1401][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 19 UDP 192.168.12.169:40906 <-> 91.108.13.23:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][DPI packets: 4][cat: VoIP/10][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.28 sec][Mapped IP/Port: 93.47.225.70:11616][Rsp Origin IP/Port: 91.108.13.23:1400][Other IP/Port: 10.160.194.103:1401][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (RBkPSgr)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 20 UDP 192.168.12.169:40906 <-> 91.108.17.2:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][DPI packets: 4][cat: VoIP/10][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.30 sec][Mapped IP/Port: 93.47.225.70:11616][Rsp Origin IP/Port: 91.108.17.2:1400][Other IP/Port: 10.130.194.98:1401][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 21 UDP 192.168.12.169:42197 <-> 91.108.9.35:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][DPI packets: 4][cat: VoIP/10][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.06 sec][Mapped IP/Port: 93.47.225.70:11617][Rsp Origin IP/Port: 91.108.9.35:1400][Other IP/Port: 10.67.66.99:1401][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (BZOyNeHQUCZIf)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 22 UDP 192.168.12.169:42197 <-> 91.108.13.23:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][DPI packets: 4][cat: VoIP/10][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.27 sec][Mapped IP/Port: 93.47.225.70:11617][Rsp Origin IP/Port: 91.108.13.23:1400][Other IP/Port: 10.160.194.103:1401][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (BrHWdEqa2)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 23 UDP 192.168.12.169:42197 <-> 91.108.17.2:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][DPI packets: 4][cat: VoIP/10][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.30 sec][Mapped IP/Port: 93.47.225.70:11617][Rsp Origin IP/Port: 91.108.17.2:1400][Other IP/Port: 10.130.194.98:1401][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (BYyA/MmBER1)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 24 UDP 192.168.12.1:17500 -> 192.168.12.255:17500 [proto: 121/Dropbox][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Cloud/13][2 pkts/348 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][30.01 sec][PLAIN TEXT (version)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 25 TCP 18.195.162.93:443 <-> 192.168.12.169:38956 [proto: 91/TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][DPI packets: 1][cat: Web/5][2 pkts/163 bytes <-> 2 pkts/132 bytes][Goodput ratio: 19/0][5.09 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: No client to server traffic / TCP connection with unidirectional traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 26 TCP 192.168.12.169:40710 <-> 52.58.18.25:5222 [proto: 265/AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by IP][DPI packets: 4][cat: Cloud/13][2 pkts/144 bytes <-> 2 pkts/144 bytes][Goodput ratio: 8/8][0.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 27 ICMPV6 [fe80::98df:58ff:fefa:ebdc]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Network/14][4 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 11/0][32.62 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 28 ICMP 192.168.12.169:0 -> 91.108.9.35:0 [proto: 81/ICMP][IP: 185/Telegram][ClearText][Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/276 bytes -> 0 pkts/0 bytes][Goodput ratio: 69/0][0.00 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 5.590 (Executable?)][PLAIN TEXT (ORtRLoo/fpi)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 29 ICMP 192.168.12.169:0 -> 91.108.13.23:0 [proto: 81/ICMP][IP: 185/Telegram][ClearText][Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/276 bytes -> 0 pkts/0 bytes][Goodput ratio: 69/0][0.00 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 5.612 (Executable?)][PLAIN TEXT (BuBNffVSd)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 30 ICMP 192.168.12.169:0 -> 91.108.17.2:0 [proto: 81/ICMP][IP: 185/Telegram][ClearText][Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/276 bytes -> 0 pkts/0 bytes][Goodput ratio: 69/0][0.01 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 5.737 (Executable?)][PLAIN TEXT (KHOirrFTCqEz)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 31 TCP 192.168.12.169:37948 <-> 149.154.167.91:443 [proto: 185/Telegram][IP: 185/Telegram][Encrypted][Confidence: DPI (partial)][DPI packets: 3][cat: Chat/9][2 pkts/128 bytes <-> 1 pkts/74 bytes][Goodput ratio: 0/0][0.03 sec][Risk: ** TCP Connection Issues **** Probing attempt **][Risk Score: 100][Risk Info: Connection refused (client) / TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 32 UDP [fe80::abe:acff:fe0b:176e]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/107 bytes -> 0 pkts/0 bytes][Goodput ratio: 42/0][< 1 sec][Hostname/SNI: _ipps._tcp.local][_ipps._tcp.local][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 33 UDP 192.168.12.1:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/87 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Hostname/SNI: _ipps._tcp.local][_ipps._tcp.local][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 34 ICMPV6 [fe80::abe:acff:fe0b:176e]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 11/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 1 TCP 192.168.12.169:37950 <-> 149.154.167.91:443 [proto: 185/Telegram][IP: 185/Telegram][Encrypted][Confidence: Match by IP][FPC: 185/Telegram, Confidence: IP address][DPI packets: 4][cat: Chat/9][156 pkts/40749 bytes <-> 214 pkts/142865 bytes][Goodput ratio: 75/90][41.14 sec][bytes ratio: -0.556 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 246/152 12847/5983 1291/707][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 261/668 1090/1294 224/564][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 7.257 (Encrypted Executable?)][PLAIN TEXT (MMHu@J)][Plen Bins: 0,0,2,2,4,5,6,4,4,3,0,1,0,0,1,0,2,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,60,0,0,0,0,0,0,0,0,0] + 2 TCP 192.168.12.169:40830 <-> 149.154.167.222:443 [proto: 185/Telegram][IP: 185/Telegram][Encrypted][Confidence: Match by IP][FPC: 185/Telegram, Confidence: IP address][DPI packets: 4][cat: Chat/9][80 pkts/7287 bytes <-> 100 pkts/120708 bytes][Goodput ratio: 27/95][28.19 sec][bytes ratio: -0.886 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 437/1 25008/31 3114/5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 91/1207 644/1294 95/289][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 7.638 (Encrypted or Random?)][PLAIN TEXT (elySaT)][Plen Bins: 0,0,0,0,0,1,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,94,0,0,0,0,0,0,0,0,0] + 3 UDP 192.168.12.169:42405 <-> 93.36.13.115:35393 [proto: 78.355/STUN.TelegramVoip][IP: 0/Unknown][ClearText][Confidence: DPI (cache)][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 7][cat: VoIP/10][59 pkts/17987 bytes <-> 55 pkts/9102 bytes][Goodput ratio: 86/75][2.02 sec][bytes ratio: 0.328 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/28 306/117 48/28][Pkt Len c2s/s2c min/avg/max/stddev: 65/63 305/165 1154/435 330/102][Mapped IP/Port: 93.36.13.115:35393][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (BPEmhF0)][Plen Bins: 8,28,25,7,0,0,0,15,0,1,1,0,2,1,0,1,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0] + 4 TCP 192.168.12.169:40832 <-> 149.154.167.222:443 [proto: 185/Telegram][IP: 185/Telegram][Encrypted][Confidence: Match by IP][FPC: 185/Telegram, Confidence: IP address][DPI packets: 4][cat: Chat/9][18 pkts/2256 bytes <-> 15 pkts/13705 bytes][Goodput ratio: 47/93][28.20 sec][bytes ratio: -0.717 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 218/280 2909/2997 746/859][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 125/914 644/1294 150/495][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 7.526 (Encrypted or Random?)][PLAIN TEXT (lmd/HB)][Plen Bins: 0,0,0,0,6,6,6,0,0,0,6,0,0,0,0,0,0,0,6,6,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,57,0,0,0,0,0,0,0,0,0] + 5 TCP 192.168.12.169:46862 <-> 149.154.167.51:443 [proto: 185/Telegram][IP: 185/Telegram][Encrypted][Confidence: Match by IP][FPC: 185/Telegram, Confidence: IP address][DPI packets: 4][cat: Chat/9][11 pkts/1963 bytes <-> 8 pkts/2558 bytes][Goodput ratio: 63/79][10.13 sec][bytes ratio: -0.132 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1124/32 9909/87 3106/31][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 178/320 452/670 155/261][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 7.322 (Encrypted or Random?)][Plen Bins: 0,0,0,11,0,22,0,0,0,0,22,0,11,0,0,0,11,0,22,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 6 TCP 192.168.12.169:46866 <-> 149.154.167.51:443 [proto: 185/Telegram][IP: 185/Telegram][Encrypted][Confidence: Match by IP][FPC: 185/Telegram, Confidence: IP address][DPI packets: 4][cat: Chat/9][9 pkts/1879 bytes <-> 6 pkts/1822 bytes][Goodput ratio: 68/78][10.11 sec][bytes ratio: 0.015 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/30 1440/34 9925/41 3464/5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 209/304 436/839 161/306][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 7.504 (Encrypted or Random?)][Plen Bins: 0,0,0,14,0,0,0,14,0,14,0,28,0,0,0,0,14,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 7 UDP 192.168.12.169:40643 <-> 91.108.9.35:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI][FPC: 185/Telegram, Confidence: IP address][DPI packets: 7][cat: VoIP/10][8 pkts/1224 bytes <-> 10 pkts/1236 bytes][Goodput ratio: 72/66][14.20 sec][Hostname/SNI: telegram.org][bytes ratio: -0.005 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 35/0 2360/1766 13458/13458 4964/4420][Pkt Len c2s/s2c min/avg/max/stddev: 70/102 153/124 170/190 33/25][Mapped IP/Port: 93.47.225.70:11618][Peer IP/Port: 93.36.13.115:35393][Relayed IP/Port: 91.108.9.35:56058][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (Unauthorized)][Plen Bins: 5,16,34,16,27,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 8 UDP 192.168.12.169:40906 -> 10.46.103.200:42554 [proto: 78.355/STUN.TelegramVoip][IP: 0/Unknown][ClearText][Confidence: DPI (cache)][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 7][cat: VoIP/10][13 pkts/1846 bytes -> 0 pkts/0 bytes][Goodput ratio: 70/0][13.47 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 98/0 1088/0 1553/0 481/0][Pkt Len c2s/s2c min/avg/max/stddev: 142/0 142/0 142/0 0/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic][PLAIN TEXT (BBEvpfJJpa)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 9 UDP 192.168.12.169:42405 -> 10.46.103.200:42554 [proto: 78.355/STUN.TelegramVoip][IP: 0/Unknown][ClearText][Confidence: DPI (cache)][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 7][cat: VoIP/10][13 pkts/1846 bytes -> 0 pkts/0 bytes][Goodput ratio: 70/0][13.02 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 97/0 1047/0 2004/0 541/0][Pkt Len c2s/s2c min/avg/max/stddev: 142/0 142/0 142/0 0/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic][PLAIN TEXT (bfyeXPVa97N)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 10 TCP 192.168.12.169:40834 <-> 149.154.167.222:443 [proto: 185/Telegram][IP: 185/Telegram][Encrypted][Confidence: Match by IP][FPC: 185/Telegram, Confidence: IP address][DPI packets: 4][cat: Chat/9][5 pkts/788 bytes <-> 3 pkts/890 bytes][Goodput ratio: 57/77][0.17 sec][bytes ratio: -0.061 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 6/47 24/68 42/90 14/22][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 158/297 315/750 110/321][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 7.107 (Compressed Executable?)][Plen Bins: 0,0,0,0,0,0,33,33,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 11 UDP 192.168.12.169:49667 <-> 91.108.13.23:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI][FPC: 185/Telegram, Confidence: IP address][DPI packets: 7][cat: VoIP/10][6 pkts/912 bytes <-> 6 pkts/704 bytes][Goodput ratio: 72/64][14.30 sec][Hostname/SNI: telegram.org][bytes ratio: 0.129 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 82/81 176/176 283/284 76/77][Pkt Len c2s/s2c min/avg/max/stddev: 70/102 152/117 170/134 37/14][Mapped IP/Port: 93.47.225.70:11619][Peer IP/Port: 93.36.13.115:35393][Relayed IP/Port: 91.108.13.23:62318][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (ehscoNGDW)][Plen Bins: 8,16,33,16,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 12 UDP 192.168.12.169:49780 <-> 91.108.17.2:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI][FPC: 185/Telegram, Confidence: IP address][DPI packets: 7][cat: VoIP/10][6 pkts/912 bytes <-> 6 pkts/704 bytes][Goodput ratio: 72/64][14.31 sec][Hostname/SNI: telegram.org][bytes ratio: 0.129 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 83/84 174/175 253/252 62/61][Pkt Len c2s/s2c min/avg/max/stddev: 70/102 152/117 170/134 37/14][Mapped IP/Port: 93.47.225.70:11620][Peer IP/Port: 93.36.13.115:35393][Relayed IP/Port: 91.108.17.2:45408][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (Unauthorized)][Plen Bins: 8,16,33,16,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 13 TCP 192.168.12.169:37966 <-> 149.154.167.91:443 [proto: 185/Telegram][IP: 185/Telegram][Encrypted][Confidence: Match by IP][FPC: 185/Telegram, Confidence: IP address][DPI packets: 4][cat: Chat/9][5 pkts/1117 bytes <-> 3 pkts/464 bytes][Goodput ratio: 70/55][0.15 sec][bytes ratio: 0.413 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/32 20/62 33/91 13/30][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 223/155 532/324 196/120][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 7.574 (Encrypted or Random?)][Plen Bins: 0,0,0,0,0,0,0,0,33,33,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 14 UDP 192.168.12.169:37444 <-> 91.108.17.2:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI][FPC: 185/Telegram, Confidence: IP address][DPI packets: 6][cat: VoIP/10][3 pkts/402 bytes <-> 3 pkts/378 bytes][Goodput ratio: 68/66][14.31 sec][Hostname/SNI: telegram.org][bytes ratio: 0.031 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 159/159 7082/7082 14005/14005 6923/6923][Pkt Len c2s/s2c min/avg/max/stddev: 70/110 134/126 166/134 45/11][Mapped IP/Port: 93.47.225.70:11623][Relayed IP/Port: 91.108.17.2:35898][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (Unauthorized)][Plen Bins: 16,0,50,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 15 UDP 192.168.12.169:37530 <-> 91.108.13.23:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI][FPC: 185/Telegram, Confidence: IP address][DPI packets: 6][cat: VoIP/10][3 pkts/402 bytes <-> 3 pkts/378 bytes][Goodput ratio: 68/66][14.30 sec][Hostname/SNI: telegram.org][bytes ratio: 0.031 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 133/132 7082/7082 14032/14032 6950/6950][Pkt Len c2s/s2c min/avg/max/stddev: 70/110 134/126 166/134 45/11][Mapped IP/Port: 93.47.225.70:11622][Relayed IP/Port: 91.108.13.23:34290][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (Unauthorized)][Plen Bins: 16,0,50,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 16 UDP 192.168.12.169:37849 <-> 91.108.9.35:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI][FPC: 185/Telegram, Confidence: IP address][DPI packets: 6][cat: VoIP/10][3 pkts/402 bytes <-> 3 pkts/378 bytes][Goodput ratio: 68/66][14.20 sec][Hostname/SNI: telegram.org][bytes ratio: 0.031 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 30/45 7084/7084 14138/14124 7054/7040][Pkt Len c2s/s2c min/avg/max/stddev: 70/110 134/126 166/134 45/11][Mapped IP/Port: 93.47.225.70:11621][Relayed IP/Port: 91.108.9.35:63273][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (Bs/cdOs)][Plen Bins: 16,0,50,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 17 UDP 192.168.12.169:40906 <-> 93.36.13.115:35393 [proto: 78.355/STUN.TelegramVoip][IP: 0/Unknown][ClearText][Confidence: DPI (cache)][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: VoIP/10][2 pkts/248 bytes <-> 2 pkts/244 bytes][Goodput ratio: 66/65][0.13 sec][Mapped IP/Port: 93.36.13.115:35393][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Plen Bins: 0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 18 UDP 192.168.12.169:40906 <-> 91.108.9.35:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][FPC: 185/Telegram, Confidence: IP address][DPI packets: 4][cat: VoIP/10][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.06 sec][Mapped IP/Port: 93.47.225.70:11616][Rsp Origin IP/Port: 91.108.9.35:1400][Other IP/Port: 10.67.66.99:1401][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 19 UDP 192.168.12.169:40906 <-> 91.108.13.23:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][FPC: 185/Telegram, Confidence: IP address][DPI packets: 4][cat: VoIP/10][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.28 sec][Mapped IP/Port: 93.47.225.70:11616][Rsp Origin IP/Port: 91.108.13.23:1400][Other IP/Port: 10.160.194.103:1401][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (RBkPSgr)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 20 UDP 192.168.12.169:40906 <-> 91.108.17.2:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][FPC: 185/Telegram, Confidence: IP address][DPI packets: 4][cat: VoIP/10][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.30 sec][Mapped IP/Port: 93.47.225.70:11616][Rsp Origin IP/Port: 91.108.17.2:1400][Other IP/Port: 10.130.194.98:1401][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 21 UDP 192.168.12.169:42197 <-> 91.108.9.35:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][FPC: 185/Telegram, Confidence: IP address][DPI packets: 4][cat: VoIP/10][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.06 sec][Mapped IP/Port: 93.47.225.70:11617][Rsp Origin IP/Port: 91.108.9.35:1400][Other IP/Port: 10.67.66.99:1401][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (BZOyNeHQUCZIf)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 22 UDP 192.168.12.169:42197 <-> 91.108.13.23:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][FPC: 185/Telegram, Confidence: IP address][DPI packets: 4][cat: VoIP/10][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.27 sec][Mapped IP/Port: 93.47.225.70:11617][Rsp Origin IP/Port: 91.108.13.23:1400][Other IP/Port: 10.160.194.103:1401][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (BrHWdEqa2)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 23 UDP 192.168.12.169:42197 <-> 91.108.17.2:1400 [proto: 78.355/STUN.TelegramVoip][IP: 185/Telegram][ClearText][Confidence: DPI (cache)][FPC: 185/Telegram, Confidence: IP address][DPI packets: 4][cat: VoIP/10][2 pkts/124 bytes <-> 2 pkts/252 bytes][Goodput ratio: 32/66][10.30 sec][Mapped IP/Port: 93.47.225.70:11617][Rsp Origin IP/Port: 91.108.17.2:1400][Other IP/Port: 10.130.194.98:1401][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (BYyA/MmBER1)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 24 UDP 192.168.12.1:17500 -> 192.168.12.255:17500 [proto: 121/Dropbox][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Cloud/13][2 pkts/348 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][30.01 sec][PLAIN TEXT (version)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 25 TCP 18.195.162.93:443 <-> 192.168.12.169:38956 [proto: 91/TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 1][cat: Web/5][2 pkts/163 bytes <-> 2 pkts/132 bytes][Goodput ratio: 19/0][5.09 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: No client to server traffic / TCP connection with unidirectional traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 26 TCP 192.168.12.169:40710 <-> 52.58.18.25:5222 [proto: 265/AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by IP][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 4][cat: Cloud/13][2 pkts/144 bytes <-> 2 pkts/144 bytes][Goodput ratio: 8/8][0.02 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 27 ICMPV6 [fe80::98df:58ff:fefa:ebdc]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][4 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 11/0][32.62 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 28 ICMP 192.168.12.169:0 -> 91.108.9.35:0 [proto: 81/ICMP][IP: 185/Telegram][ClearText][Confidence: DPI][FPC: 185/Telegram, Confidence: IP address][DPI packets: 1][cat: Network/14][2 pkts/276 bytes -> 0 pkts/0 bytes][Goodput ratio: 69/0][0.00 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 5.590 (Executable?)][PLAIN TEXT (ORtRLoo/fpi)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 29 ICMP 192.168.12.169:0 -> 91.108.13.23:0 [proto: 81/ICMP][IP: 185/Telegram][ClearText][Confidence: DPI][FPC: 185/Telegram, Confidence: IP address][DPI packets: 1][cat: Network/14][2 pkts/276 bytes -> 0 pkts/0 bytes][Goodput ratio: 69/0][0.00 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 5.612 (Executable?)][PLAIN TEXT (BuBNffVSd)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 30 ICMP 192.168.12.169:0 -> 91.108.17.2:0 [proto: 81/ICMP][IP: 185/Telegram][ClearText][Confidence: DPI][FPC: 185/Telegram, Confidence: IP address][DPI packets: 1][cat: Network/14][2 pkts/276 bytes -> 0 pkts/0 bytes][Goodput ratio: 69/0][0.01 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 5.737 (Executable?)][PLAIN TEXT (KHOirrFTCqEz)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 31 TCP 192.168.12.169:37948 <-> 149.154.167.91:443 [proto: 185/Telegram][IP: 185/Telegram][Encrypted][Confidence: DPI (partial)][FPC: 185/Telegram, Confidence: IP address][DPI packets: 3][cat: Chat/9][2 pkts/128 bytes <-> 1 pkts/74 bytes][Goodput ratio: 0/0][0.03 sec][Risk: ** TCP Connection Issues **** Probing attempt **][Risk Score: 100][Risk Info: Connection refused (client) / TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 32 UDP [fe80::abe:acff:fe0b:176e]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][1 pkts/107 bytes -> 0 pkts/0 bytes][Goodput ratio: 42/0][< 1 sec][Hostname/SNI: _ipps._tcp.local][_ipps._tcp.local][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 33 UDP 192.168.12.1:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][1 pkts/87 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][Hostname/SNI: _ipps._tcp.local][_ipps._tcp.local][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 34 ICMPV6 [fe80::abe:acff:fe0b:176e]:0 -> [ff02::2]:0 [proto: 102/ICMPV6][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: Network/14][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 11/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |