aboutsummaryrefslogtreecommitdiff
path: root/tests/result/skype_no_unknown.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'tests/result/skype_no_unknown.pcap.out')
-rw-r--r--tests/result/skype_no_unknown.pcap.out22
1 files changed, 11 insertions, 11 deletions
diff --git a/tests/result/skype_no_unknown.pcap.out b/tests/result/skype_no_unknown.pcap.out
index 1a5bf00e0..1aaff6fbb 100644
--- a/tests/result/skype_no_unknown.pcap.out
+++ b/tests/result/skype_no_unknown.pcap.out
@@ -17,9 +17,9 @@ JA3 Host Stats:
1 192.168.1.34 3
- 1 TCP 192.168.1.34:51230 <-> 157.56.126.211:443 [proto: 91/TLS][cat: Web/5][166 pkts/39042 bytes <-> 182 pkts/142645 bytes][Goodput ratio: 72/92][51.22 sec][bytes ratio: -0.570 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 370/331 45360/45460 3946/3736][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 235/784 1506/1506 433/915][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][JA3C: 06207a1730b5deeb207b0556e102ded2][ServerNames: *.gateway.messenger.live.com,*.beta.gateway.edge.messenger.live.com,*.by2.gateway.edge.messenger.live.com,*.sn1.gateway.edge.messenger.live.com][JA3S: 5e4e5596180ebd0ac0317125ee490707][Issuer: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT SSL SHA2][Subject: CN=*.gateway.messenger.live.com][Certificate SHA-1: 95:C4:07:41:85:D4:EF:AA:D9:1F:0F:1F:3C:08:BF:8E:8B:D0:90:51][Validity: 2014-10-27 22:51:07 - 2016-10-26 22:51:07][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 19,2,1,5,0,1,2,0,0,3,0,0,0,1,0,0,0,1,1,0,0,1,1,0,1,0,1,10,1,1,0,0,0,0,0,0,2,0,0,0,3,5,0,0,0,30,0,0]
+ 1 TCP 192.168.1.34:51230 <-> 157.56.126.211:443 [proto: 91/TLS][cat: Web/5][166 pkts/39042 bytes <-> 182 pkts/142645 bytes][Goodput ratio: 72/92][51.22 sec][bytes ratio: -0.570 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 370/331 45360/45460 3946/3736][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 235/784 1506/1506 433/565][Risk: ** Obsolete TLS version (< 1.1) **][TLSv1][JA3C: 06207a1730b5deeb207b0556e102ded2][ServerNames: *.gateway.messenger.live.com,*.beta.gateway.edge.messenger.live.com,*.by2.gateway.edge.messenger.live.com,*.sn1.gateway.edge.messenger.live.com][JA3S: 5e4e5596180ebd0ac0317125ee490707][Issuer: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT SSL SHA2][Subject: CN=*.gateway.messenger.live.com][Certificate SHA-1: 95:C4:07:41:85:D4:EF:AA:D9:1F:0F:1F:3C:08:BF:8E:8B:D0:90:51][Validity: 2014-10-27 22:51:07 - 2016-10-26 22:51:07][Cipher: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA][Plen Bins: 19,2,1,5,0,1,2,0,0,3,0,0,0,1,0,0,0,1,1,0,0,1,1,0,1,0,1,10,1,1,0,0,0,0,0,0,2,0,0,0,3,5,0,0,0,30,0,0]
2 TCP 192.168.1.34:51279 <-> 111.221.74.48:40008 [proto: 125/Skype][cat: VoIP/10][101 pkts/30681 bytes <-> 98 pkts/59934 bytes][Goodput ratio: 78/89][22.75 sec][bytes ratio: -0.323 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 238/215 3095/3095 411/401][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 304/612 1506/1506 406/626][PLAIN TEXT (nZREBS)][Plen Bins: 26,8,2,1,4,2,0,1,0,4,1,0,0,2,0,0,2,1,1,1,2,0,0,0,0,0,0,1,0,0,0,1,1,0,1,0,0,0,0,0,0,0,0,0,0,30,0,0]
- 3 TCP 192.168.1.34:51227 <-> 17.172.100.36:443 [proto: 91.140/TLS.Apple][cat: Web/5][38 pkts/9082 bytes <-> 38 pkts/10499 bytes][Goodput ratio: 77/80][68.36 sec][bytes ratio: -0.072 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2273/323 55625/8255 10249/1510][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 239/276 680/1494 273/358][PLAIN TEXT (/tBGEll)][Plen Bins: 16,16,0,0,0,0,0,0,0,0,16,0,0,0,0,5,2,5,13,16,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,2,0,0]
+ 3 TCP 192.168.1.34:51227 <-> 17.172.100.36:443 [proto: 91.140/TLS.Apple][cat: Web/5][38 pkts/9082 bytes <-> 38 pkts/10499 bytes][Goodput ratio: 77/80][68.36 sec][bytes ratio: -0.072 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2273/323 55625/8255 10014/1510][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 239/276 680/1494 273/358][PLAIN TEXT (/tBGEll)][Plen Bins: 16,16,0,0,0,0,0,0,0,0,16,0,0,0,0,5,2,5,13,16,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,2,0,0]
4 UDP 192.168.0.254:1025 -> 239.255.255.250:1900 [proto: 12/SSDP][cat: System/18][36 pkts/13402 bytes -> 0 pkts/0 bytes][Goodput ratio: 89/0][60.04 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1254/0 19850/0 4801/0][Pkt Len c2s/s2c min/avg/max/stddev: 327/0 372/0 405/0 29/0][PLAIN TEXT (NOTIFY )][Plen Bins: 0,0,0,0,0,0,0,0,11,27,22,38,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 192.168.1.34:51231 <-> 23.206.33.166:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][16 pkts/3461 bytes <-> 1 pkts/74 bytes][Goodput ratio: 69/0][54.57 sec][bytes ratio: 0.958 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 3429/0 6616/0 2851/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/74 216/74 251/74 72/0][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: apps.skype.com][JA3C: 799135475da362592a4be9199d258726][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 192.168.1.34:51297 <-> 91.190.216.24:12350 [proto: 125/Skype][cat: VoIP/10][12 pkts/3242 bytes <-> 3 pkts/290 bytes][Goodput ratio: 75/29][14.87 sec][bytes ratio: 0.836 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1411/28 6276/55 1939/28][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 270/97 401/150 156/38][Plen Bins: 10,0,20,0,0,0,0,0,0,0,70,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -35,16 +35,16 @@ JA3 Host Stats:
16 TCP 192.168.1.34:51234 <-> 157.55.235.147:40001 [proto: 125/Skype][cat: VoIP/10][14 pkts/1117 bytes <-> 4 pkts/337 bytes][Goodput ratio: 16/21][30.54 sec][bytes ratio: 0.536 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/3 2455/42 9200/81 2778/39][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 80/84 175/137 27/31][Plen Bins: 81,0,9,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 TCP 192.168.1.34:51253 <-> 64.4.23.166:443 [proto: 91/TLS][cat: Web/5][11 pkts/1164 bytes <-> 3 pkts/268 bytes][Goodput ratio: 38/23][17.61 sec][bytes ratio: 0.626 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/199 1475/199 4207/199 1525/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 106/89 138/128 31/28][Plen Bins: 0,87,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 TCP 192.168.1.34:51247 <-> 157.56.52.44:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/1077 bytes <-> 4 pkts/351 bytes][Goodput ratio: 39/22][32.26 sec][bytes ratio: 0.508 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/225 3631/5557 15560/10889 4792/5332][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 108/88 138/145 34/33][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 19 TCP 192.168.1.34:51257 <-> 157.55.235.170:40032 [proto: 125/Skype][cat: VoIP/10][14 pkts/1059 bytes <-> 4 pkts/367 bytes][Goodput ratio: 12/27][27.54 sec][bytes ratio: 0.485 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/8 2213/38 8343/69 2500/31][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 76/92 117/167 12/44][Plen Bins: 81,9,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 19 TCP 192.168.1.34:51257 <-> 157.55.235.170:40032 [proto: 125/Skype][cat: VoIP/10][14 pkts/1059 bytes <-> 4 pkts/367 bytes][Goodput ratio: 12/27][27.54 sec][bytes ratio: 0.485 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/8 2213/38 8343/69 2500/30][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 76/92 117/167 12/44][Plen Bins: 81,9,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 TCP 192.168.1.34:51277 <-> 157.55.235.156:40026 [proto: 125/Skype][cat: VoIP/10][13 pkts/1011 bytes <-> 4 pkts/415 bytes][Goodput ratio: 15/34][12.52 sec][bytes ratio: 0.418 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 1044/40 4851/80 1546/40][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 78/104 163/171 25/41][Plen Bins: 70,10,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 TCP 192.168.1.34:51271 <-> 213.199.179.175:443 [proto: 91/TLS][cat: Web/5][12 pkts/1130 bytes <-> 3 pkts/285 bytes][Goodput ratio: 30/28][16.56 sec][bytes ratio: 0.597 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/62 1386/62 6081/62 1875/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 94/95 138/145 22/36][Plen Bins: 0,77,22,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 TCP 192.168.1.34:51280 <-> 157.55.235.146:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1130 bytes <-> 3 pkts/285 bytes][Goodput ratio: 30/28][17.58 sec][bytes ratio: 0.597 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/77 1583/77 5936/77 2059/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 94/95 138/145 22/36][Plen Bins: 0,77,22,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 TCP 192.168.1.34:51281 <-> 157.55.235.156:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1095 bytes <-> 3 pkts/285 bytes][Goodput ratio: 28/28][17.58 sec][bytes ratio: 0.587 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/78 1584/78 5941/78 2060/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 91/95 138/145 21/36][Plen Bins: 0,77,22,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 TCP 192.168.1.34:51240 <-> 111.221.74.45:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/1022 bytes <-> 4 pkts/351 bytes][Goodput ratio: 35/22][28.19 sec][bytes ratio: 0.489 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/294 3359/3765 13674/7236 4326/3471][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 102/88 138/145 30/33][Plen Bins: 0,71,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 25 TCP 192.168.1.34:51272 <-> 157.55.235.152:40029 [proto: 125/Skype][cat: VoIP/10][13 pkts/1006 bytes <-> 4 pkts/361 bytes][Goodput ratio: 15/25][17.15 sec][bytes ratio: 0.472 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/6 1477/38 6479/71 1968/33][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 77/90 158/147 24/33][Plen Bins: 80,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 26 TCP 192.168.1.34:51250 <-> 111.221.77.175:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/1012 bytes <-> 4 pkts/351 bytes][Goodput ratio: 35/22][33.88 sec][bytes ratio: 0.485 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/291 3830/6656 17161/13020 5286/6364][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 101/88 138/145 30/33][Plen Bins: 0,71,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 25 TCP 192.168.1.34:51272 <-> 157.55.235.152:40029 [proto: 125/Skype][cat: VoIP/10][13 pkts/1006 bytes <-> 4 pkts/361 bytes][Goodput ratio: 15/25][17.15 sec][bytes ratio: 0.472 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/6 1477/38 6479/71 1968/32][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 77/90 158/147 24/33][Plen Bins: 80,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 26 TCP 192.168.1.34:51250 <-> 111.221.77.175:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/1012 bytes <-> 4 pkts/351 bytes][Goodput ratio: 35/22][33.88 sec][bytes ratio: 0.485 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/291 3830/6656 17161/13020 5286/6365][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 101/88 138/145 30/33][Plen Bins: 0,71,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 TCP 192.168.1.34:51237 <-> 157.55.130.176:40022 [proto: 125/Skype][cat: VoIP/10][13 pkts/986 bytes <-> 4 pkts/344 bytes][Goodput ratio: 12/23][32.35 sec][bytes ratio: 0.483 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/3 2797/63 14147/123 3995/60][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 76/86 118/144 13/34][Plen Bins: 80,10,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 28 TCP 192.168.1.34:51276 <-> 157.55.235.146:40021 [proto: 125/Skype][cat: VoIP/10][13 pkts/981 bytes <-> 4 pkts/348 bytes][Goodput ratio: 13/22][17.40 sec][bytes ratio: 0.476 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/7 1497/40 6272/72 2024/33][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 75/87 133/134 18/27][Plen Bins: 80,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 28 TCP 192.168.1.34:51276 <-> 157.55.235.146:40021 [proto: 125/Skype][cat: VoIP/10][13 pkts/981 bytes <-> 4 pkts/348 bytes][Goodput ratio: 13/22][17.40 sec][bytes ratio: 0.476 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/7 1497/40 6272/72 2024/32][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 75/87 133/134 18/27][Plen Bins: 80,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
29 TCP 192.168.1.34:51255 <-> 157.55.130.142:40005 [proto: 125/Skype][cat: VoIP/10][13 pkts/1004 bytes <-> 4 pkts/318 bytes][Goodput ratio: 13/16][32.75 sec][bytes ratio: 0.519 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/3 2833/65 14399/127 4060/62][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 77/80 136/118 17/23][Plen Bins: 80,10,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
30 TCP 192.168.1.34:51229 <-> 157.56.52.28:40009 [proto: 125/Skype][cat: VoIP/10][12 pkts/951 bytes <-> 4 pkts/341 bytes][Goodput ratio: 15/22][29.62 sec][bytes ratio: 0.472 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2714/103 11633/206 3500/103][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 79/85 157/141 24/33][Plen Bins: 77,0,22,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
31 TCP 192.168.1.34:51248 <-> 111.221.77.175:40030 [proto: 125/Skype][cat: VoIP/10][11 pkts/858 bytes <-> 5 pkts/426 bytes][Goodput ratio: 15/21][27.75 sec][bytes ratio: 0.336 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2725/2317 12657/6632 3959/3054][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 78/85 158/146 26/31][Plen Bins: 75,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -53,8 +53,8 @@ JA3 Host Stats:
34 TCP 192.168.1.34:51282 <-> 64.4.23.159:443 [proto: 91/TLS][cat: Web/5][10 pkts/972 bytes <-> 3 pkts/285 bytes][Goodput ratio: 32/28][9.23 sec][bytes ratio: 0.547 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/195 633/195 2177/195 725/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 97/95 138/145 27/36][Plen Bins: 0,71,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
35 TCP 192.168.1.34:51259 <-> 111.221.77.142:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/902 bytes <-> 4 pkts/351 bytes][Goodput ratio: 27/22][27.81 sec][bytes ratio: 0.440 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/292 3406/3304 14303/6316 4510/3012][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 90/88 138/145 23/33][Plen Bins: 0,71,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
36 TCP 192.168.1.34:51256 <-> 111.221.77.142:40013 [proto: 125/Skype][cat: VoIP/10][11 pkts/815 bytes <-> 5 pkts/423 bytes][Goodput ratio: 11/20][27.98 sec][bytes ratio: 0.317 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/4 2765/2392 12863/6880 3983/3176][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 74/85 115/143 14/29][Plen Bins: 75,12,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 37 TCP 192.168.1.34:51268 <-> 111.221.74.18:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/852 bytes <-> 4 pkts/351 bytes][Goodput ratio: 23/22][30.09 sec][bytes ratio: 0.416 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/294 3511/4388 15598/8483 4824/4094][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 85/88 138/145 22/33][Plen Bins: 71,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 38 TCP 192.168.1.34:51267 <-> 111.221.74.18:40025 [proto: 125/Skype][cat: VoIP/10][10 pkts/785 bytes <-> 4 pkts/378 bytes][Goodput ratio: 16/28][17.94 sec][bytes ratio: 0.350 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 1703/148 4607/294 1700/147][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 78/94 159/164 28/40][Plen Bins: 71,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 37 TCP 192.168.1.34:51268 <-> 111.221.74.18:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/852 bytes <-> 4 pkts/351 bytes][Goodput ratio: 23/22][30.09 sec][bytes ratio: 0.416 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/294 3511/4388 15598/8483 4824/4095][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 85/88 138/145 22/33][Plen Bins: 71,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 38 TCP 192.168.1.34:51267 <-> 111.221.74.18:40025 [proto: 125/Skype][cat: VoIP/10][10 pkts/785 bytes <-> 4 pkts/378 bytes][Goodput ratio: 16/28][17.94 sec][bytes ratio: 0.350 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 1703/148 4607/294 1700/146][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 78/94 159/164 28/40][Plen Bins: 71,0,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
39 TCP 192.168.1.34:51232 <-> 157.56.52.28:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][10 pkts/872 bytes <-> 3 pkts/285 bytes][Goodput ratio: 24/28][18.79 sec][bytes ratio: 0.507 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/199 2008/199 5293/199 1965/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 87/95 138/145 22/36][Plen Bins: 71,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
40 UDP 192.168.1.1:137 <-> 192.168.1.34:137 [proto: 10/NetBIOS][cat: System/18][6 pkts/958 bytes <-> 2 pkts/184 bytes][Goodput ratio: 74/54][1.27 sec][Host: __msbrowse__][bytes ratio: 0.678 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1258 253/1258 1243/1258 495/0][Pkt Len c2s/s2c min/avg/max/stddev: 104/92 160/92 271/92 79/0][PLAIN TEXT (FPFPENFDECFCEPFHFDEFFPFPACAB)][Plen Bins: 0,75,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
41 TCP 17.143.160.149:5223 <-> 192.168.1.34:50407 [proto: 238.140/ApplePush.Apple][cat: Cloud/13][4 pkts/674 bytes <-> 4 pkts/444 bytes][Goodput ratio: 61/40][10.70 sec][bytes ratio: 0.206 (Upload)][IAT c2s/s2c min/avg/max/stddev: 215/1 3565/3494 10265/10480 4737/4940][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 168/111 279/156 103/45][Plen Bins: 0,0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -84,7 +84,7 @@ JA3 Host Stats:
65 UDP 192.168.1.34:62875 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/539 bytes -> 0 pkts/0 bytes][Goodput ratio: 45/0][26.56 sec][Host: dsn13.d.skype.net][::][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1091/0 4426/0 9099/0 3400/0][Pkt Len c2s/s2c min/avg/max/stddev: 77/0 77/0 77/0 0/0][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
66 UDP 192.168.1.34:49864 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Goodput ratio: 42/0][26.50 sec][Host: api.skype.com][::][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1089/0 4416/0 9098/0 3405/0][Pkt Len c2s/s2c min/avg/max/stddev: 73/0 73/0 73/0 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
67 UDP 192.168.1.34:64240 -> 192.168.1.1:53 [proto: 5.125/DNS.Skype][cat: VoIP/10][7 pkts/511 bytes -> 0 pkts/0 bytes][Goodput ratio: 42/0][26.50 sec][Host: api.skype.com][::][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1091/0 4416/0 9098/0 3405/0][Pkt Len c2s/s2c min/avg/max/stddev: 73/0 73/0 73/0 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 68 TCP 192.168.1.34:51296 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/293 bytes <-> 3 pkts/186 bytes][Goodput ratio: 36/0][0.69 sec][bytes ratio: 0.223 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/54 26/54 53/54 27/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 98/62 161/66 46/3][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 68 TCP 192.168.1.34:51296 <-> 91.190.216.125:12350 [proto: 125/Skype][cat: VoIP/10][3 pkts/293 bytes <-> 3 pkts/186 bytes][Goodput ratio: 36/0][0.69 sec][bytes ratio: 0.223 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/54 26/54 53/54 26/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 98/62 161/66 46/3][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
69 TCP 192.168.1.34:51308 -> 80.121.84.93:443 [proto: 91/TLS][cat: Web/5][6 pkts/468 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][5.05 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1005/0 1010/0 1015/0 4/0][Pkt Len c2s/s2c min/avg/max/stddev: 78/0 78/0 78/0 0/0][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
70 UDP 192.168.1.1:138 -> 192.168.1.34:138 [proto: 10.16/NetBIOS.SMBv1][cat: System/18][2 pkts/452 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][1.26 sec][Host: alicegate][Risk: ** Unsafe Protocol **][PLAIN TEXT ( EBEMEJEDEFEHEBFEEFCACACACACACA)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
71 UDP 192.168.1.34:138 -> 192.168.1.255:138 [proto: 10.16/NetBIOS.SMBv1][cat: System/18][2 pkts/432 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][1.26 sec][Host: lucasmacbookpro][Risk: ** Unsafe Protocol **][PLAIN TEXT ( EMFFEDEBFDENEBEDECEPEPELFAFCEP)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -265,7 +265,7 @@ Undetected flows:
6 TCP 192.168.1.34:51292 <-> 71.238.7.203:18767 [proto: 0/Unknown][17 pkts/2686 bytes <-> 13 pkts/2218 bytes][Goodput ratio: 58/61][4.67 sec][bytes ratio: 0.095 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/5 290/379 2303/2313 574/649][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 158/171 843/1090 215/267][Plen Bins: 37,25,18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,6,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 192.168.1.34:51293 <-> 5.248.186.221:31010 [proto: 0/Unknown][12 pkts/2194 bytes <-> 8 pkts/1711 bytes][Goodput ratio: 63/68][4.10 sec][bytes ratio: 0.124 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/102 400/620 2746/2734 804/960][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 183/214 843/1090 250/332][Plen Bins: 50,10,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,10,0,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 TCP 192.168.1.34:51314 <-> 93.79.224.176:14506 [proto: 0/Unknown][11 pkts/1407 bytes <-> 9 pkts/652 bytes][Goodput ratio: 48/8][1.10 sec][bytes ratio: 0.367 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 87/130 407/550 121/177][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 128/72 389/104 106/11][Plen Bins: 44,22,11,0,0,0,0,11,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 9 TCP 192.168.1.34:51258 <-> 213.199.179.176:40021 [proto: 0/Unknown][14 pkts/1104 bytes <-> 5 pkts/392 bytes][Goodput ratio: 15/15][27.78 sec][bytes ratio: 0.476 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2245/26 12163/53 3486/27][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 79/78 162/126 23/24][Plen Bins: 81,9,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 9 TCP 192.168.1.34:51258 <-> 213.199.179.176:40021 [proto: 0/Unknown][14 pkts/1104 bytes <-> 5 pkts/392 bytes][Goodput ratio: 15/15][27.78 sec][bytes ratio: 0.476 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2245/26 12163/53 3486/26][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 79/78 162/126 23/24][Plen Bins: 81,9,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 TCP 192.168.1.34:51269 <-> 213.199.179.175:40029 [proto: 0/Unknown][14 pkts/1106 bytes <-> 5 pkts/385 bytes][Goodput ratio: 15/14][26.33 sec][bytes ratio: 0.484 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2129/26 11912/51 3215/26][Pkt Len c2s/s2c min/avg/max/stddev: 66/60 79/77 164/119 24/21][Plen Bins: 81,9,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 TCP 192.168.1.34:51290 <-> 5.248.186.221:31010 [proto: 0/Unknown][14 pkts/1070 bytes <-> 4 pkts/420 bytes][Goodput ratio: 14/34][15.49 sec][bytes ratio: 0.436 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/102 1186/102 6044/102 1932/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76/105 156/166 23/39][Plen Bins: 70,10,10,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 TCP 192.168.1.34:51301 <-> 82.224.110.241:38895 [proto: 0/Unknown][11 pkts/835 bytes <-> 7 pkts/647 bytes][Goodput ratio: 12/27][1.90 sec][bytes ratio: 0.127 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/69 104/312 618/693 186/282][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 76/92 107/127 15/21][Plen Bins: 44,55,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
@@ -277,7 +277,7 @@ Undetected flows:
18 TCP 192.168.1.34:51291 <-> 81.83.77.141:17639 [proto: 0/Unknown][12 pkts/942 bytes <-> 3 pkts/284 bytes][Goodput ratio: 16/27][12.11 sec][bytes ratio: 0.537 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/94 1118/94 4788/94 1596/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/74 78/95 168/136 28/29][Plen Bins: 77,0,11,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 TCP 192.168.1.34:51278 <-> 64.4.23.159:40009 [proto: 0/Unknown][11 pkts/832 bytes <-> 4 pkts/387 bytes][Goodput ratio: 13/30][9.26 sec][bytes ratio: 0.365 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/3 992/99 4167/195 1282/96][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 76/97 132/173 19/44][Plen Bins: 75,0,12,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 TCP 192.168.1.34:51309 <-> 149.13.32.15:13392 [proto: 0/Unknown][12 pkts/916 bytes <-> 3 pkts/281 bytes][Goodput ratio: 12/27][8.32 sec][bytes ratio: 0.530 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 759/26 3131/52 1054/26][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 76/94 122/141 14/34][Plen Bins: 77,11,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 21 TCP 192.168.1.34:51316 <-> 149.13.32.15:13392 [proto: 0/Unknown][11 pkts/862 bytes <-> 3 pkts/314 bytes][Goodput ratio: 14/34][4.40 sec][bytes ratio: 0.466 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/2 418/23 1902/44 578/21][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 78/105 142/174 21/49][Plen Bins: 75,0,12,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 21 TCP 192.168.1.34:51316 <-> 149.13.32.15:13392 [proto: 0/Unknown][11 pkts/862 bytes <-> 3 pkts/314 bytes][Goodput ratio: 14/34][4.40 sec][bytes ratio: 0.466 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/2 418/23 1902/44 578/21][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 78/105 142/174 20/49][Plen Bins: 75,0,12,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 TCP 192.168.1.34:51298 <-> 82.224.110.241:38895 [proto: 0/Unknown][12 pkts/931 bytes <-> 2 pkts/219 bytes][Goodput ratio: 14/36][10.56 sec][bytes ratio: 0.619 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/70 984/70 4078/70 1362/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 78/110 137/145 18/36][Plen Bins: 77,0,22,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 TCP 192.168.1.34:51313 <-> 212.161.8.36:13392 [proto: 0/Unknown][11 pkts/855 bytes <-> 3 pkts/287 bytes][Goodput ratio: 14/28][6.97 sec][bytes ratio: 0.497 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 703/37 3193/74 1013/37][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 78/96 135/147 19/36][Plen Bins: 75,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 TCP 192.168.1.34:51311 <-> 93.79.224.176:14506 [proto: 0/Unknown][11 pkts/848 bytes <-> 3 pkts/286 bytes][Goodput ratio: 13/28][8.38 sec][bytes ratio: 0.496 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/22 876/58 3885/93 1223/36][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 77/95 128/146 17/36][Plen Bins: 75,12,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Powered by cgit, Themed by Ted Yin.