DPI Packets (TCP): 58 (8.29 pkts/flow)
DPI Packets (UDP): 2 (2.00 pkts/flow)
DPI Packets (other): 1 (1.00 pkts/flow)
Confidence DPI : 9 (flows)
Num dissector calls: 9 (1.00 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/0/0 (insert/search/found)
LRU cache mining: 0/0/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
LRU cache fpc_dns: 1/6/1 (insert/search/found)
Automa host: 8/3 (search/found)
Automa domain: 8/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 3/0 (search/found)
Automa common alpns: 2/2 (search/found)
Patricia risk mask: 6/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk: 0/0 (search/found)
Patricia risk IPv6: 0/0 (search/found)
Patricia protocols: 11/7 (search/found)
Patricia protocols IPv6: 0/0 (search/found)

DNS 2 295 1
ICMP 19 10194 1
TLS 2 168 1
Tor 113 57510 5
Microsoft 29 10820 1

Safe 31 10988 2
Acceptable 21 10489 2
Potentially_Dangerous 113 57510 5

VPN 113 57510 5
Web 31 10988 2
Network 21 10489 2

JA Host Stats:
   IP Address      # JA4C
 1 192.168.0.123   2

1 TCP 192.168.0.123:64623 <-> 86.3.18.251:443 [proto: 91.163/TLS.Tor][IP: 163/Tor][Encrypted][Confidence: DPI][FPC: 163/Tor, Confidence: IP address][DPI packets: 6][cat: VPN/2][21 pkts/11828 bytes <-> 26 pkts/12847 bytes][Goodput ratio: 90/89][4.45 sec][Hostname/SNI: www.sodinn6.com][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.041 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 248/190 2373/2352 553/486][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 563/494 2132/1414 515/421][Risk: ** TLS (probably) Not Carrying HTTPS **** Unsafe Protocol **][Risk Score: 20][Risk Info: No ALPN][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.3][JA4: t13d181100_6c2ba73853a4_d41ae481755e][JA3S: 15af977ce25de452b96affa2addb1036][Firefox][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,2,8,0,0,0,2,0,0,0,0,0,0,0,0,0,67,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,2,2,0,0,2,0,0,0,0,0,5,0,0,0,0,5]
2 TCP 192.168.0.123:64624 <-> 178.17.170.254:443 [proto: 91.163/TLS.Tor][IP: 163/Tor][Encrypted][Confidence: DPI][FPC: 163/Tor, Confidence: IP address][DPI packets: 6][cat: VPN/2][16 pkts/9928 bytes <-> 19 pkts/10825 bytes][Goodput ratio: 91/90][1.05 sec][Hostname/SNI: www.2xik.com][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.043 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 60/59 96/101 29/29][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 620/570 2132/1414 589/475][Risk: ** TLS (probably) Not Carrying HTTPS **** Unsafe Protocol **][Risk Score: 20][Risk Info: No ALPN][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.3][JA4: t13d181100_6c2ba73853a4_d41ae481755e][JA3S: 15af977ce25de452b96affa2addb1036][Firefox][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,3,11,0,0,0,3,0,0,0,0,0,0,0,0,0,45,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,7,7,0,0,3,0,0,0,0,0,7,0,0,0,0,7]
3 TCP 192.168.0.123:64613 <-> 172.211.159.152:443 [proto: 91.212/TLS.Microsoft][IP: 276/Azure][Encrypted][Confidence: DPI][FPC: 212/Microsoft, Confidence: DNS][DPI packets: 13][cat: Web/5][15 pkts/3053 bytes <-> 14 pkts/7767 bytes][Goodput ratio: 73/90][0.15 sec][Hostname/SNI: checkappexec.microsoft.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][bytes ratio: -0.436 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/7 30/40 12/14][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 204/555 1553/1414 369/578][TCP Fingerprint: 2_128_65535_6bb88f5575fd/Windows][TLSv1.2][JA4: t12d1909h2_d83cc789557e_7af1ed941c26][ServerNames: smartscreen.microsoft.com,*.wds.microsoft.com,*.urs.microsoft.com,*.smartscreen.microsoft.com,apprep.smartscreen.microsoft.com,beta.apprep.smartscreen.microsoft.com,beta.w.apprep.smartscreen.microsoft.com,w.apprep.smartscreen.microsoft.com,urs.microsoft.com,beta.urs.microsoft.com,c.urs.microsoft.com,i.apprep.smartscreen.microsoft.com,i.w.apprep.smartscreen.microsoft.com,t.urs.microsoft.com,beta.t.urs.microsoft.com,telemetry.urs.microsoft.com,d.urs.microsoft.com,x.urs.microsoft.com,p.urs.microsoft.com,api.smartscreen.microsoft.com,urs.smartscreen.microsoft.com,ars.smartscreen.microsoft.com,cp.smartscreen.microsoft.com,checkappexec.microsoft.com,data.checkappexec.microsoft.com,ping.checkappexec.microsoft.com,t.checkappexec.microsoft.com,pf.checkappexec.microsoft.com,sl.smartscreen.microsoft.com,ping.smartscreen.microsoft.com,nf.smartscreen.microsoft.com,data.nf.smartscreen.microsoft.com,ping.nf.smartscreen.microsoft.com,t.nf.smartscreen.microsoft.com,nav.smartscreen.microsoft.com,data.nav.smartscreen.microsoft.com,ping.nav.smartscreen.microsoft.com,t.nav.smartscreen.microsoft.com,bf.smartscreen.microsoft.com,t.bf.smartscreen.microsoft.com,smartscreen-prod.microsoft.com,*.smartscreen-prod.microsoft.com][JA3S: 00447ab319e9d94ba2b4c1248e155917][Issuer: C=US, O=Microsoft Corporation, CN=Microsoft Azure RSA TLS Issuing CA 04][Subject: C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=smartscreen.microsoft.com][Certificate SHA-1: 83:0D:87:5A:F6:F1:FA:DC:94:4D:7E:AD:7C:8B:71:47:6A:BB:DC:2B][Firefox][Validity: 2025-01-16 14:02:54 - 2025-07-15 14:02:54][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 5,18,18,0,0,0,5,0,5,5,0,5,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,5,0]
4 ICMP 192.168.0.16:0 -> 192.168.0.123:0 [proto: 81/ICMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][19 pkts/10194 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][23.29 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 6/0 1228/0 7220/0 1704/0][Pkt Len c2s/s2c min/avg/max/stddev: 82/0 537/0 590/0 156/0][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 4.948 (Executable?)][PLAIN TEXT ( www.v2)][Plen Bins: 0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,89,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 192.168.0.123:64622 <-> 178.17.170.254:443 [proto: 91.163/TLS.Tor][IP: 163/Tor][Encrypted][Confidence: DPI][FPC: 163/Tor, Confidence: IP address][DPI packets: 13][cat: VPN/2][12 pkts/5313 bytes <-> 1 pkts/62 bytes][Goodput ratio: 88/0][21.70 sec][Hostname/SNI: www.v2trefdg62xsck3upw2iad5y.com][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: 0.977 (Upload)][IAT c2s/s2c min/avg/max/stddev: 14/0 1929/0 9605/0 2882/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/62 443/62 571/62 222/0][Risk: ** TLS (probably) Not Carrying HTTPS **** Susp DGA Domain name **** Unsafe Protocol **][Risk Score: 120][Risk Info: v2trefdg62xsck3upw2iad5y.com / No ALPN][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.2][JA4: t13d181100_6c2ba73853a4_d41ae481755e][Firefox][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 192.168.0.123:64621 <-> 86.3.18.251:443 [proto: 91.163/TLS.Tor][IP: 163/Tor][Encrypted][Confidence: DPI][FPC: 163/Tor, Confidence: IP address][DPI packets: 11][cat: VPN/2][10 pkts/4171 bytes <-> 1 pkts/66 bytes][Goodput ratio: 87/0][19.33 sec][Hostname/SNI: www.w2f34byk6sroic.com][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: 0.969 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 1214/0 4813/0 1548/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 417/66 571/66 235/0][Risk: ** TLS (probably) Not Carrying HTTPS **** Susp DGA Domain name **** Unsafe Protocol **][Risk Score: 120][Risk Info: w2f34byk6sroic.com / No ALPN][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.2][JA4: t13d181100_6c2ba73853a4_d41ae481755e][Firefox][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 192.168.0.123:64625 <-> 194.164.197.45:443 [proto: 91.163/TLS.Tor][IP: 163/Tor][Encrypted][Confidence: DPI][FPC: 163/Tor, Confidence: IP address][DPI packets: 7][cat: VPN/2][6 pkts/2404 bytes <-> 1 pkts/66 bytes][Goodput ratio: 86/0][1.18 sec][Hostname/SNI: www.raww4onzy3tam7cip372snd.com][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: 0.947 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 236/0 601/0 217/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 401/66 571/66 241/0][Risk: ** TLS (probably) Not Carrying HTTPS **** Susp DGA Domain name **** Unsafe Protocol **][Risk Score: 120][Risk Info: raww4onzy3tam7cip372snd.com / No ALPN][TCP Fingerprint: 2_128_64240_6bb88f5575fd/Windows][TLSv1.2][JA4: t13d181100_6c2ba73853a4_d41ae481755e][Firefox][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 UDP 192.168.0.123:55566 <-> 192.168.0.16:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/86 bytes <-> 1 pkts/209 bytes][Goodput ratio: 51/80][0.00 sec][Hostname/SNI: checkappexec.microsoft.com][172.211.159.152][DNS Id: 0x67d4][PLAIN TEXT (checkappexec)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP 192.168.0.123:64282 <-> 155.133.248.43:443 [proto: 91/TLS][IP: 74/Steam][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 2][cat: Web/5][1 pkts/108 bytes <-> 1 pkts/60 bytes][Goodput ratio: 50/0][0.03 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]