aboutsummaryrefslogtreecommitdiff
path: root/tests/cfgs/default/result/tumblr.pcap.out
blob: 29456f9b5af739d8e9f42b7ebf62fece2bab2b32 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
Guessed flow protos:	28

DPI Packets (TCP):	198	(4.21 pkts/flow)
Confidence Match by port    : 28 (flows)
Confidence DPI              : 19 (flows)
Num dissector calls: 19 (0.40 diss/flow)
LRU cache ookla:      0/0/0 (insert/search/found)
LRU cache bittorrent: 0/84/0 (insert/search/found)
LRU cache stun:       0/0/0 (insert/search/found)
LRU cache tls_cert:   0/4/0 (insert/search/found)
LRU cache mining:     0/28/0 (insert/search/found)
LRU cache msteams:    0/0/0 (insert/search/found)
Automa host:          9/7 (search/found)
Automa domain:        9/0 (search/found)
Automa tls cert:      0/0 (search/found)
Automa risk mask:     0/0 (search/found)
Automa common alpns:  18/18 (search/found)
Patricia risk mask:   0/0 (search/found)
Patricia risk mask IPv6: 72/0 (search/found)
Patricia risk:        0/0 (search/found)
Patricia risk IPv6:   47/0 (search/found)
Patricia protocols:   0/0 (search/found)
Patricia protocols IPv6: 71/23 (search/found)

Yahoo	31	9933	1
Tumblr	84	38260	2
TLS	416	163940	40
ADS_Analytic_Track	54	17122	2
Google	107	85437	1
GoogleServices	63	44980	1

Safe                           447 173873        41           
Acceptable                     170 130417        2            
Fun                             84 38260         2            
Tracker/Ads                     54 17122         2            

JA3 Host Stats: 
		 IP Address                  	 # JA3C     
	1	 2a01:cb01:2049:8b07:991d:ec85:28df:f629 	 2      


	1	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:49548 <-> [2a00:1450:4007:809::200e]:443 [proto: 91.126/TLS.Google][IP: 126/Google][Encrypted][Confidence: DPI][DPI packets: 6][cat: Web/5][38 pkts/4471 bytes <-> 69 pkts/80966 bytes][Goodput ratio: 27/93][0.38 sec][Hostname/SNI: apis.google.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.895 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/5 83/70 18/12][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 118/1173 603/6126 94/887][TLSv1.3][JA3C: b32309a26951912be7dba376398abc3b][JA4: t13d1515h2_8daaf6152771_de4a06bb82e3][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 2,2,2,0,1,1,1,4,1,1,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,2,0,1,0,0,0,0,0,0,70,0,0,0,0,0,0,0,0,0,7]
	2	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:38608 <-> [2a00:1450:4007:80b::200a]:443 [proto: 91.239/TLS.GoogleServices][IP: 126/Google][Encrypted][Confidence: DPI][DPI packets: 6][cat: Web/5][26 pkts/3265 bytes <-> 37 pkts/41715 bytes][Goodput ratio: 31/92][0.25 sec][Hostname/SNI: ajax.googleapis.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.855 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/3 67/44 18/8][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 126/1127 603/3227 111/829][TLSv1.3][JA3C: b32309a26951912be7dba376398abc3b][JA4: t13d1515h2_8daaf6152771_de4a06bb82e3][JA3S: eb1d94daa7e0344597e756a1fb6e7054][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 8,2,5,0,0,0,0,0,5,0,0,0,0,0,2,2,2,0,2,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,17]
	3	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:48240 <-> [64:ff9b::9765:789d]:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 14][cat: Web/5][38 pkts/3530 bytes <-> 38 pkts/38240 bytes][Goodput ratio: 7/91][19.87 sec][bytes ratio: -0.831 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 662/0 19473/1 3494/0][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 93/1006 216/1134 25/322][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TLS/QUIC Probing][Plen Bins: 0,5,2,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,2,0,0,0,0,0,0,0,0,86,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	4	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:43434 <-> [64:ff9b::c000:4d28]:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 13][cat: Web/5][22 pkts/2254 bytes <-> 23 pkts/27178 bytes][Goodput ratio: 16/93][0.06 sec][bytes ratio: -0.847 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/2 45/17 11/4][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 102/1182 198/1486 37/576][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TLS/QUIC Probing][Plen Bins: 4,4,0,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,78,0,0,0,0]
	5	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:43328 <-> [64:ff9b::4a72:9a16]:443 [proto: 91.90/TLS.Tumblr][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 12][cat: SocialNetwork/6][29 pkts/3925 bytes <-> 33 pkts/25475 bytes][Goodput ratio: 36/89][1.02 sec][Hostname/SNI: catasters.tumblr.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.733 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 36/31 200/232 63/57][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 135/772 603/1486 124/645][TLSv1.2][JA3C: b32309a26951912be7dba376398abc3b][JA4: t13d1515h2_8daaf6152771_de4a06bb82e3][ServerNames: *.tumblr.com,tumblr.com][JA3S: 738f0c3c6e00286f3afac626676d352d][Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA][Subject: CN=*.tumblr.com][Certificate SHA-1: 14:78:BA:5B:B5:54:5D:A1:2C:D2:79:4C:42:99:BB:3A:A9:DB:86:C2][Chrome][Validity: 2020-03-26 00:00:00 - 2022-06-28 00:00:00][Cipher: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256][Plen Bins: 18,0,9,3,3,0,0,0,3,3,0,0,0,0,3,0,3,0,0,0,0,3,0,3,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,3,0,0,41,0,0,0,0]
	6	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:58380 <-> [2606:2800:135:155a:23ba:b2a:25ff:122d]:443 [proto: 91/TLS][IP: 288/Edgecast][Encrypted][Confidence: DPI][DPI packets: 6][cat: Web/5][21 pkts/3364 bytes <-> 29 pkts/20662 bytes][Goodput ratio: 46/88][0.18 sec][Hostname/SNI: consent.cmp.oath.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.720 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/5 47/47 13/12][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 160/712 609/1294 156/543][TLSv1.3][JA3C: b32309a26951912be7dba376398abc3b][JA4: t13d1515h2_8daaf6152771_de4a06bb82e3][JA3S: 15af977ce25de452b96affa2addb1036][Chrome][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 7,3,7,7,0,0,0,7,3,0,0,0,0,0,3,0,7,0,0,0,3,0,0,0,0,3,0,0,0,0,3,0,0,0,0,0,0,44,0,0,0,0,0,0,0,0,0,0]
	7	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:56794 <-> [64:ff9b::c000:4d03]:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 13][cat: Web/5][19 pkts/2795 bytes <-> 24 pkts/15989 bytes][Goodput ratio: 42/87][0.06 sec][bytes ratio: -0.702 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/1 26/10 7/3][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 147/666 340/1486 72/675][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TLS/QUIC Probing][Plen Bins: 26,10,3,10,10,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,33,0,0,0,0]
	8	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:42908 <-> [64:ff9b::98c7:1593]:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 7][cat: Web/5][16 pkts/1983 bytes <-> 18 pkts/15822 bytes][Goodput ratio: 31/90][1.30 sec][bytes ratio: -0.777 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 108/76 700/700 209/196][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 124/879 468/1486 93/651][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TLS/QUIC Probing][Plen Bins: 5,22,0,5,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,51,0,0,0,0]
	9	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:43420 <-> [64:ff9b::c000:4d28]:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 5][cat: Web/5][15 pkts/1601 bytes <-> 16 pkts/13434 bytes][Goodput ratio: 19/90][0.05 sec][bytes ratio: -0.787 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/2 37/10 10/3][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 107/840 246/1486 53/668][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TLS/QUIC Probing][Plen Bins: 25,6,0,0,6,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0]
	10	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:39152 <-> [64:ff9b::6006:749]:443 [proto: 91.107/TLS.ADS_Analytic_Track][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 6][cat: Advertisement/101][18 pkts/5773 bytes <-> 17 pkts/6416 bytes][Goodput ratio: 73/77][17.45 sec][Hostname/SNI: sb.scorecardresearch.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.053 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/6 1233/1326 16556/16588 4251/4407][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 321/377 850/1365 296/411][TLSv1.3][JA3C: 44d502d471cfdb99c59bdfb0f220e5a8][JA4: t13d1515h2_8daaf6152771_0ece2fe8a3fb][JA3S: 2253c82f03b621c5144709b393fde2c9][Chrome][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,6,0,0,0,0,0,25,0,0,0,0,12,0,0,0,6,12,6,0,0,0,12,6,0,0,0,0,0,0,0,0,0,0,0,0,6,0,6,0,0,0,0,0,0,0,0]
	11	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:47118 <-> [2001:4998:14:800::1001]:443 [proto: 91.70/TLS.Yahoo][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 6][cat: Web/5][16 pkts/2550 bytes <-> 15 pkts/7383 bytes][Goodput ratio: 46/82][0.57 sec][Hostname/SNI: cookiex.ngd.yahoo.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.487 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 28/48 315/282 83/84][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 159/492 603/1474 154/531][TLSv1.3][JA3C: b32309a26951912be7dba376398abc3b][JA4: t13d1515h2_8daaf6152771_de4a06bb82e3][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 7,14,14,0,0,0,0,0,14,0,0,0,0,7,0,0,7,0,7,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,14,0,0,0,0]
	12	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:56842 <-> [64:ff9b::c000:4d03]:443 [proto: 91.90/TLS.Tumblr][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 6][cat: SocialNetwork/6][12 pkts/2375 bytes <-> 10 pkts/6485 bytes][Goodput ratio: 56/87][0.15 sec][Hostname/SNI: 64.media.tumblr.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.464 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 14/18 59/70 22/24][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 198/648 603/1486 170/664][TLSv1.3][JA3C: b32309a26951912be7dba376398abc3b][JA4: t13d1515h2_8daaf6152771_de4a06bb82e3][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,20,10,0,0,0,0,0,0,20,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,30,0,0,0,0]
	13	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:39164 <-> [64:ff9b::6006:749]:443 [proto: 91.107/TLS.ADS_Analytic_Track][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 6][cat: Advertisement/101][10 pkts/2724 bytes <-> 9 pkts/2209 bytes][Goodput ratio: 68/65][0.19 sec][Hostname/SNI: sb.scorecardresearch.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: 0.104 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 18/23 56/53 21/18][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 272/245 706/686 267/200][TLSv1.3][JA3C: 44d502d471cfdb99c59bdfb0f220e5a8][JA4: t13d1515h2_8daaf6152771_0ece2fe8a3fb][JA3S: 2253c82f03b621c5144709b393fde2c9][Chrome][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,12,0,0,0,0,0,37,0,0,0,0,0,0,0,0,12,25,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	14	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:51874 <-> [64:ff9b::c000:4c03]:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 5][cat: Web/5][14 pkts/1971 bytes <-> 14 pkts/1808 bytes][Goodput ratio: 39/33][17.08 sec][bytes ratio: 0.043 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1544/33 16623/194 4769/64][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 141/129 243/205 64/49][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TLS/QUIC Probing][Plen Bins: 0,28,0,42,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	15	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:57286 <-> [64:ff9b::8fcc:d927]:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 5][cat: Web/5][5 pkts/1152 bytes <-> 4 pkts/910 bytes][Goodput ratio: 63/62][0.20 sec][bytes ratio: 0.117 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 3/0 50/4 113/9 49/4][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 230/228 730/613 250/223][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TLS/QUIC Probing][Plen Bins: 0,60,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	16	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:41266 <-> [2620:116:800d:21:8c6e:cf2c:8d6:9fb5]:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 5][cat: Web/5][5 pkts/1186 bytes <-> 4 pkts/790 bytes][Goodput ratio: 64/56][0.21 sec][bytes ratio: 0.200 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 52/8 121/15 49/6][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 237/198 750/486 257/168][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TLS/QUIC Probing][Plen Bins: 0,60,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	17	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:58382 <-> [2606:2800:135:155a:23ba:b2a:25ff:122d]:443 [proto: 91/TLS][IP: 288/Edgecast][Encrypted][Confidence: DPI][DPI packets: 7][cat: Web/5][7 pkts/1091 bytes <-> 5 pkts/537 bytes][Goodput ratio: 47/18][0.07 sec][Hostname/SNI: consent.cmp.oath.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: 0.340 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 14/15 24/39 10/17][Pkt Len c2s/s2c min/avg/max/stddev: 74/86 156/107 603/185 183/39][TLSv1.3][JA3C: b32309a26951912be7dba376398abc3b][JA4: t13d1515h2_8daaf6152771_de4a06bb82e3][JA3S: 15af977ce25de452b96affa2addb1036][Chrome][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	18	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:55560 <-> [2a00:1450:4007:817::200a]:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: DPI][DPI packets: 7][cat: Web/5][5 pkts/625 bytes <-> 8 pkts/900 bytes][Goodput ratio: 31/24][0.84 sec][bytes ratio: -0.180 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 255/130 765/770 360/286][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 125/112 203/157 43/28][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TLS/QUIC Probing][Plen Bins: 0,71,14,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	19	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:56782 <-> [64:ff9b::68f4:2ac8]:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 7][cat: Web/5][5 pkts/539 bytes <-> 5 pkts/763 bytes][Goodput ratio: 20/44][18.08 sec][bytes ratio: -0.172 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 4520/4504 17850/17820 7696/7688][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 108/153 149/373 27/112][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TLS/QUIC Probing][Plen Bins: 0,75,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	20	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:35892 <-> [2a00:1450:4007:815::2002]:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.23 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	21	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:40190 <-> [2a00:1450:4007:80a::200a]:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.03 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	22	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:42674 <-> [64:ff9b::4a72:9a15]:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.04 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	23	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:43602 <-> [64:ff9b::df9:21c6]:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.23 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	24	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:44164 <-> [2a00:1450:4007:805::2003]:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.23 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	25	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:45706 <-> [2a00:1450:4007:80a::200e]:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.23 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	26	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:48988 <-> [2a00:1450:4007:811::2004]:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.07 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	27	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:49002 <-> [2a00:1450:4007:811::2004]:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.20 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	28	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:49462 <-> [2a00:1450:4007:809::200e]:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.23 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	29	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:49464 <-> [2a00:1450:4007:809::200e]:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.23 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	30	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:49496 <-> [2a00:1450:4007:815::2003]:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.23 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	31	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:49546 <-> [2a00:1450:4007:815::2003]:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.23 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	32	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:50906 <-> [64:ff9b::d83a:d582]:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.17 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	33	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:50960 <-> [2a00:1450:4007:805::2002]:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.23 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	34	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:55014 <-> [2a00:1450:4007:806::200e]:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.20 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	35	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:56558 <-> [64:ff9b::9765:798c]:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.23 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	36	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:56564 <-> [64:ff9b::9765:798c]:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.05 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	37	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:56578 <-> [64:ff9b::9765:798c]:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.06 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	38	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:56582 <-> [64:ff9b::9765:798c]:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.04 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	39	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:56592 <-> [64:ff9b::9765:798c]:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.43 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	40	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:56594 <-> [64:ff9b::9765:798c]:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.05 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	41	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:56640 <-> [64:ff9b::9765:798c]:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.08 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	42	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:57770 <-> [2a00:1450:4007:80b::200e]:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.09 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	43	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:57788 <-> [2a00:1450:4007:80b::200e]:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.23 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	44	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:58004 <-> [2a00:1450:4007:808::200e]:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.19 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	45	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:58614 <-> [2a00:1450:4007:805::200e]:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.23 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	46	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:58616 <-> [2a00:1450:4007:805::200e]:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.23 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	47	TCP [2a01:cb01:2049:8b07:991d:ec85:28df:f629]:58618 <-> [2a00:1450:4007:805::200e]:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/86 bytes <-> 1 pkts/86 bytes][Goodput ratio: 0/0][0.23 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]