1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
DPI Packets (UDP): 76 (10.86 pkts/flow)
Confidence DPI (cache) : 2 (flows)
Confidence DPI : 5 (flows)
Num dissector calls: 32 (4.57 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache stun: 20/10/2 (insert/search/found)
LRU cache tls_cert: 0/2/0 (insert/search/found)
LRU cache mining: 0/0/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
LRU cache fpc_dns: 0/0/0 (insert/search/found)
Automa host: 0/0 (search/found)
Automa domain: 0/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 0/0 (search/found)
Automa common alpns: 0/0 (search/found)
Patricia risk mask: 12/0 (search/found)
Patricia risk mask IPv6: 2/0 (search/found)
Patricia risk: 0/0 (search/found)
Patricia risk IPv6: 1/0 (search/found)
Patricia protocols: 6/6 (search/found)
Patricia protocols IPv6: 1/1 (search/found)
GoogleCall 362 74597 7
Acceptable 362 74597 7
JA3 Host Stats:
IP Address # JA3C
1 2001:b07:a3d:c112:48a1:1094:1227:281e 1
2 192.168.12.156 1
1 UDP [2001:b07:a3d:c112:48a1:1094:1227:281e]:45572 <-> [2001:4860:4864:6::81]:19305 [proto: 30.404/DTLS.GoogleCall][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 78.404/STUN.GoogleCall, Confidence: DPI][DPI packets: 17][cat: VoIP/10][30 pkts/4693 bytes <-> 118 pkts/36197 bytes][Goodput ratio: 60/80][0.71 sec][bytes ratio: -0.770 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 22/2 152/74 32/9][Pkt Len c2s/s2c min/avg/max/stddev: 106/99 156/307 608/1265 88/113][Mapped IP/Port: [2001:b07:a3d:c112:48a1:1094:1227:281e]:45572][DTLSv1.2][JA3C: c14667d7da3e6f7a7ab5519ef78c2452][JA4: dd2d110700_c45550529adf_d9dd6182da81][JA3S: 1f5d6a6d0bc5d514dd84d13e6283d309][Issuer: CN=hangouts][Subject: CN=hangouts][Certificate SHA-1: 07:CC:FC:28:04:F2:29:8F:E9:C4:BF:AC:F6:D2:BD:F2:BA:36:AD:31][Validity: 2023-10-11 02:02:47 - 2024-10-11 02:02:47][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][PLAIN TEXT (igoKAAiKAiADEA)][Plen Bins: 0,6,16,5,2,0,0,0,68,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 UDP 192.168.12.156:38152 <-> 142.250.82.76:19305 [proto: 30.404/DTLS.GoogleCall][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 78.404/STUN.GoogleCall, Confidence: DPI][DPI packets: 17][cat: VoIP/10][28 pkts/4034 bytes <-> 46 pkts/12188 bytes][Goodput ratio: 71/84][0.87 sec][bytes ratio: -0.503 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30/10 205/154 50/29][Pkt Len c2s/s2c min/avg/max/stddev: 87/79 144/265 587/1245 89/180][Mapped IP/Port: 93.35.171.209:39032][DTLSv1.2][JA3C: c14667d7da3e6f7a7ab5519ef78c2452][JA4: dd2d110700_c45550529adf_d9dd6182da81][JA3S: 1f5d6a6d0bc5d514dd84d13e6283d309][Issuer: CN=hangouts][Subject: CN=hangouts][Certificate SHA-1: 49:1A:C7:70:3E:79:F9:C5:3D:0F:46:33:B7:A4:EC:54:B0:93:C9:61][Validity: 2023-06-19 17:32:20 - 2024-06-19 17:32:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][PLAIN TEXT (HrRgpad)][Plen Bins: 0,8,37,9,4,0,0,0,38,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0]
3 UDP 192.168.12.156:38152 <-> 142.250.82.76:3478 [proto: 30.404/DTLS.GoogleCall][IP: 126/Google][Stream Content: Audio][Encrypted][Confidence: DPI][FPC: 78.404/STUN.GoogleCall, Confidence: DPI][DPI packets: 17][cat: VoIP/10][55 pkts/7402 bytes <-> 24 pkts/3525 bytes][Goodput ratio: 69/71][6.63 sec][bytes ratio: 0.355 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/2 109/184 402/761 143/224][Pkt Len c2s/s2c min/avg/max/stddev: 87/82 135/147 423/579 69/115][Mapped IP/Port: 93.35.171.209:39032][PLAIN TEXT (HrRgpad)][Plen Bins: 0,39,34,15,0,1,0,0,5,1,1,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 UDP 192.168.12.156:45400 <-> 142.250.82.76:3478 [proto: 78.404/STUN.GoogleCall][IP: 126/Google][ClearText][Confidence: DPI][FPC: 78.404/STUN.GoogleCall, Confidence: DPI][DPI packets: 7][cat: VoIP/10][17 pkts/2694 bytes <-> 16 pkts/1696 bytes][Goodput ratio: 73/60][54.70 sec][bytes ratio: 0.227 (Upload)][IAT c2s/s2c min/avg/max/stddev: 90/78 3250/2028 17905/6554 4698/2127][Pkt Len c2s/s2c min/avg/max/stddev: 158/106 158/106 166/106 2/0][Mapped IP/Port: 93.35.171.209:39033][PLAIN TEXT (HrRgpad)][Plen Bins: 0,0,48,51,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 UDP 192.168.12.156:38152 <-> 74.125.128.127:19302 [proto: 78.404/STUN.GoogleCall][IP: 126/Google][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 7][cat: VoIP/10][6 pkts/372 bytes <-> 6 pkts/444 bytes][Goodput ratio: 32/43][50.12 sec][bytes ratio: -0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 10019/10019 10022/10021 10026/10025 3/3][Pkt Len c2s/s2c min/avg/max/stddev: 62/74 62/74 62/74 0/0][Mapped IP/Port: 93.35.171.209:39032][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 3478][PLAIN TEXT (kAGNNzv)][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 UDP 192.168.12.156:45400 <-> 74.125.128.127:19302 [proto: 78.404/STUN.GoogleCall][IP: 126/Google][ClearText][Confidence: DPI (cache)][FPC: 78/STUN, Confidence: DPI][DPI packets: 7][cat: VoIP/10][6 pkts/372 bytes <-> 6 pkts/444 bytes][Goodput ratio: 32/43][50.12 sec][bytes ratio: -0.088 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 10020/10019 10022/10021 10026/10025 3/3][Pkt Len c2s/s2c min/avg/max/stddev: 62/74 62/74 62/74 0/0][Mapped IP/Port: 93.35.171.209:39033][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 3478][PLAIN TEXT (tcEcaq476)][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 UDP 192.168.12.156:45400 <-> 142.250.82.76:19305 [proto: 78.404/STUN.GoogleCall][IP: 126/Google][ClearText][Confidence: DPI][FPC: 78.404/STUN.GoogleCall, Confidence: DPI][DPI packets: 4][cat: VoIP/10][2 pkts/324 bytes <-> 2 pkts/212 bytes][Goodput ratio: 74/60][0.63 sec][Mapped IP/Port: 93.35.171.209:39033][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: Expected on port 3478][PLAIN TEXT (ByyD/CC)][Plen Bins: 0,0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
|