1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
DPI Packets (TCP): 13 (6.50 pkts/flow)
DPI Packets (UDP): 1 (1.00 pkts/flow)
Confidence DPI : 3 (flows)
Num dissector calls: 161 (53.67 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/0/0 (insert/search/found)
LRU cache mining: 0/0/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
LRU cache fpc_dns: 0/2/0 (insert/search/found)
Automa host: 2/2 (search/found)
Automa domain: 2/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 0/0 (search/found)
Automa common alpns: 1/1 (search/found)
Patricia risk mask: 2/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk: 0/0 (search/found)
Patricia risk IPv6: 0/0 (search/found)
Patricia protocols: 5/1 (search/found)
Patricia protocols IPv6: 0/0 (search/found)
GaijinEntertainment 18 10554 3
Fun 18 10554 3
JA Host Stats:
IP Address # JA4C
1 10.215.173.1 2
1 TCP 10.215.173.1:47666 <-> 54.75.230.133:443 [proto: 91.396/TLS.GaijinEntertainment][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Game/8][4 pkts/697 bytes <-> 3 pkts/4256 bytes][Goodput ratio: 74/97][0.14 sec][Hostname/SNI: yupmaster.gaijinent.com][(Advertised) ALPNs: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.719 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/3 25/34 72/65 33/31][Pkt Len c2s/s2c min/avg/max/stddev: 40/40 174/1419 552/4168 218/1944][TCP Fingerprint: 2_64_65535_b8d6cf600040/Unknown][TLSv1.2][JA4: t13d3113ht_e8f1e7e78f70_ce5650b735ce][ServerNames: *.gaijinent.com,gaijinent.com][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=GeoTrust TLS RSA CA G1][Subject: CN=*.gaijinent.com][Certificate SHA-1: 27:23:37:24:85:95:B7:8F:75:BE:79:18:DF:DC:11:D8:04:F7:1E:A2][Firefox][Validity: 2023-12-19 00:00:00 - 2025-01-10 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33]
2 TCP 10.215.173.1:39314 <-> 81.171.31.37:443 [proto: 91.396/TLS.GaijinEntertainment][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Game/8][3 pkts/468 bytes <-> 3 pkts/4296 bytes][Goodput ratio: 70/97][0.09 sec][Hostname/SNI: ta-receiver-balancer-xom.crossout.net][bytes ratio: -0.804 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/48 22/24 45/48 22/24][Pkt Len c2s/s2c min/avg/max/stddev: 40/40 156/1432 368/4208 150/1963][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TCP Fingerprint: 2_64_65535_b8d6cf600040/Unknown][TLSv1.2][JA4: t12d800700_ee0b5a6c69b8_cdbdbcd6f742][ServerNames: *.crossout.net,crossout.net][JA3S: 758945630046fd37070521b8544d1fe8][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=GeoTrust TLS RSA CA G1][Subject: CN=*.crossout.net][Certificate SHA-1: 9D:3E:9C:5E:8D:F5:F0:D4:A7:71:3F:B3:CD:5A:DE:1B:E4:EA:12:92][Firefox][Validity: 2023-04-20 00:00:00 - 2024-05-18 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50]
3 UDP 10.215.173.1:42424 -> 95.211.246.178:20011 [proto: 396/GaijinEntertainment][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 396/GaijinEntertainment, Confidence: DPI][DPI packets: 1][cat: Game/8][5 pkts/837 bytes -> 0 pkts/0 bytes][Goodput ratio: 83/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (embeddedupdater.start)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
|