1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
DPI Packets (TCP): 12 (6.00 pkts/flow)
DPI Packets (UDP): 39 (2.05 pkts/flow)
Confidence DPI : 21 (flows)
Num dissector calls: 21 (1.00 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/0/0 (insert/search/found)
LRU cache mining: 0/0/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
LRU cache fpc_dns: 0/2/0 (insert/search/found)
Automa host: 43/0 (search/found)
Automa domain: 43/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 19/0 (search/found)
Automa common alpns: 0/0 (search/found)
Patricia risk mask: 8/0 (search/found)
Patricia risk mask IPv6: 30/0 (search/found)
Patricia risk: 5/0 (search/found)
Patricia risk IPv6: 16/0 (search/found)
Patricia protocols: 10/3 (search/found)
Patricia protocols IPv6: 28/8 (search/found)
DNS 59 21695 21
Acceptable 59 21695 21
1 TCP [2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb]:57089 <-> [2001:470:1f0b:16b0::a26:53]:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Network/14][6 pkts/578 bytes <-> 4 pkts/2084 bytes][Goodput ratio: 9/83][0.00 sec][Hostname/SNI: weberlab.de][::][bytes ratio: -0.566 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 1/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 96/521 140/1818 20/749][PLAIN TEXT (weberlab)][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
2 TCP 194.247.5.6:39005 <-> 194.247.5.14:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Network/14][6 pkts/458 bytes <-> 4 pkts/2004 bytes][Goodput ratio: 12/86][0.00 sec][Hostname/SNI: weberlab.de][::][bytes ratio: -0.628 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 76/501 120/1798 20/749][PLAIN TEXT (weberlab)][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
3 UDP [2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb]:55729 <-> [2001:470:765b::a25:53]:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 3][cat: Network/14][2 pkts/228 bytes <-> 1 pkts/1494 bytes][Goodput ratio: 45/95][5.01 sec][Hostname/SNI: weberlab.de][::][Risk: ** Large DNS Packet (512+ bytes) **** Fragmented DNS Message **][Risk Score: 100][Risk Info: 1424 Bytes DNS Packet][PLAIN TEXT (weberlab)][Plen Bins: 0,66,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0]
4 UDP [2a00:1450:4013:c06::105]:63369 <-> [2001:470:765b::a25:53]:53 [proto: 5/DNS][IP: 126/Google][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/121 bytes <-> 1 pkts/1510 bytes][Goodput ratio: 48/95][0.00 sec][Hostname/SNI: fg2.weberlab.de][194.247.4.10][Risk: ** Large DNS Packet (512+ bytes) **** Fragmented DNS Message **][Risk Score: 100][Risk Info: 1440 Bytes DNS Packet][PLAIN TEXT (weberlab)][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
5 UDP [2a00:1450:4013:c03::10a]:46433 <-> [2001:470:765b::a25:53]:53 [proto: 5/DNS][IP: 126/Google][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/120 bytes <-> 1 pkts/1510 bytes][Goodput ratio: 48/95][0.00 sec][Hostname/SNI: pa.weberlab.de][2001:470:1f0b:1024::2][Risk: ** Large DNS Packet (512+ bytes) **** Fragmented DNS Message **][Risk Score: 100][Risk Info: 1440 Bytes DNS Packet][PLAIN TEXT (weberlab)][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
6 UDP 173.194.169.104:59464 <-> 193.24.227.238:53 [proto: 5/DNS][IP: 126/Google][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/1514 bytes][Goodput ratio: 58/97][< 1 sec][Hostname/SNI: fg2.weberlab.de][194.247.4.10][Risk: ** Large DNS Packet (512+ bytes) **** Fragmented DNS Message **][Risk Score: 100][Risk Info: 1472 Bytes DNS Packet][PLAIN TEXT (weberlab)][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
7 UDP 194.247.5.6:51791 <-> 193.24.227.238:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/94 bytes <-> 1 pkts/1514 bytes][Goodput ratio: 55/97][0.01 sec][Hostname/SNI: weberlab.de][::][Risk: ** Large DNS Packet (512+ bytes) **** Fragmented DNS Message **][Risk Score: 100][Risk Info: 1472 Bytes DNS Packet][PLAIN TEXT (weberlab)][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
8 UDP 74.125.47.136:59330 <-> 193.24.227.238:53 [proto: 5/DNS][IP: 126/Google][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/1514 bytes][Goodput ratio: 48/97][0.00 sec][Hostname/SNI: weberlab.de][::][Risk: ** Large DNS Packet (512+ bytes) **** Fragmented DNS Message **][Risk Score: 100][Risk Info: 1472 Bytes DNS Packet][PLAIN TEXT (weberlab)][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
9 UDP 172.217.40.76:56680 <-> 193.24.227.238:53 [proto: 5/DNS][IP: 126/Google][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/82 bytes <-> 1 pkts/1514 bytes][Goodput ratio: 48/97][< 1 sec][Hostname/SNI: weberlab.de][::][Risk: ** Large DNS Packet (512+ bytes) **** Fragmented DNS Message **][Risk Score: 100][Risk Info: 1472 Bytes DNS Packet][PLAIN TEXT (weberlab)][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0]
10 UDP [2a00:1450:400c:c00::106]:54430 <-> [2001:470:765b::a25:53]:53 [proto: 5/DNS][IP: 126/Google][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/121 bytes <-> 1 pkts/886 bytes][Goodput ratio: 48/93][0.00 sec][Hostname/SNI: fg2.weberlab.de][::][Risk: ** Large DNS Packet (512+ bytes) **][Risk Score: 50][Risk Info: 824 Bytes DNS Packet][PLAIN TEXT (weberlab)][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 UDP [2a00:1450:4013:c05::10e]:34944 <-> [2001:470:765b::a25:53]:53 [proto: 5/DNS][IP: 126/Google][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/121 bytes <-> 1 pkts/886 bytes][Goodput ratio: 48/93][< 1 sec][Hostname/SNI: fg2.weberlab.de][::][Risk: ** Large DNS Packet (512+ bytes) **][Risk Score: 50][Risk Info: 824 Bytes DNS Packet][PLAIN TEXT (weberlab)][Plen Bins: 0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 UDP [2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb]:33592 <-> [2001:470:765b::a25:53]:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/123 bytes <-> 1 pkts/300 bytes][Goodput ratio: 49/79][0.01 sec][Hostname/SNI: fg2-mgmt.weberlab.de][2001:470:1f0b:16b0::1][PLAIN TEXT (weberlab)][Plen Bins: 0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 UDP [2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb]:46316 <-> [2001:470:765b::a25:53]:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/123 bytes <-> 1 pkts/300 bytes][Goodput ratio: 49/79][0.01 sec][Hostname/SNI: fg2-mgmt.weberlab.de][2001:470:1f0b:16b0::1][PLAIN TEXT (weberlab)][Plen Bins: 0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 UDP [2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb]:46440 <-> [2001:470:765b::a25:53]:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/123 bytes <-> 1 pkts/300 bytes][Goodput ratio: 49/79][0.01 sec][Hostname/SNI: fg2-mgmt.weberlab.de][2001:470:1f0b:16b0::1][PLAIN TEXT (weberlab)][Plen Bins: 0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 UDP [2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb]:47634 <-> [2001:470:765b::a25:53]:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/123 bytes <-> 1 pkts/300 bytes][Goodput ratio: 49/79][0.01 sec][Hostname/SNI: fg2-mgmt.weberlab.de][2001:470:1f0b:16b0::1][PLAIN TEXT (weberlab)][Plen Bins: 0,50,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 UDP [2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb]:46709 <-> [2620:fe::fe]:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/112 bytes <-> 1 pkts/156 bytes][Goodput ratio: 44/60][0.03 sec][Hostname/SNI: erfpop.de][2606:4700:30::6818:6291][PLAIN TEXT (erfpop)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 UDP [2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb]:48758 <-> [2606:4700:4700::1111]:53 [proto: 5/DNS][IP: 220/Cloudflare][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/129 bytes <-> 1 pkts/133 bytes][Goodput ratio: 52/53][0.02 sec][Hostname/SNI: sigok.verteiltesysteme.net][134.91.78.139][PLAIN TEXT (verteiltesysteme)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 UDP [2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb]:60550 <-> [2606:4700:4700::1111]:53 [proto: 5/DNS][IP: 220/Cloudflare][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/106 bytes <-> 1 pkts/134 bytes][Goodput ratio: 41/53][0.02 sec][Hostname/SNI: ns2.weberdns.de][2001:470:1f0b:16b0::a26:53][PLAIN TEXT (weberdns)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 UDP [2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb]:52814 <-> [2606:4700:4700::1111]:53 [proto: 5/DNS][IP: 220/Cloudflare][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/131 bytes <-> 1 pkts/108 bytes][Goodput ratio: 52/42][0.03 sec][Hostname/SNI: sigfail.verteiltesysteme.net][::][Risk: ** Error Code **][Risk Score: 10][Risk Info: DNS Error Code SERVFAIL][PLAIN TEXT (sigfail)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 UDP [2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb]:42344 <-> [2620:fe::fe]:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/113 bytes <-> 1 pkts/117 bytes][Goodput ratio: 45/47][0.02 sec][Hostname/SNI: formel1.de][85.25.234.253][PLAIN TEXT (formel1)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 UDP [2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb]:54590 <-> [2606:4700:4700::1111]:53 [proto: 5/DNS][IP: 220/Cloudflare][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/106 bytes <-> 1 pkts/122 bytes][Goodput ratio: 41/49][0.01 sec][Hostname/SNI: ns2.weberdns.de][194.247.5.14][PLAIN TEXT (weberdns)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
|