1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
DPI Packets (TCP): 107 (10.70 pkts/flow)
Confidence DPI : 10 (flows)
Num dissector calls: 10 (1.00 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/0/0 (insert/search/found)
LRU cache mining: 0/0/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
Automa host: 4/4 (search/found)
Automa domain: 4/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 4/0 (search/found)
Automa common alpns: 8/8 (search/found)
Patricia risk mask: 20/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk: 0/0 (search/found)
Patricia risk IPv6: 0/0 (search/found)
Patricia protocols: 10/10 (search/found)
Patricia protocols IPv6: 0/0 (search/found)
VK 82 10228 4
TLS 827 116853 6
Safe 827 116853 6
Fun 82 10228 4
JA3 Host Stats:
IP Address # JA3C
1 192.168.1.249 1
1 TCP 192.168.1.249:60436 -> 87.240.132.78:443 [proto: 91/TLS][IP: 22/VK][Encrypted][Confidence: DPI][FPC: 22/VK, Confidence: IP address][DPI packets: 13][cat: Web/5][706 pkts/85400 bytes -> 0 pkts/0 bytes][Goodput ratio: 45/0][16.78 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 25/0 3943/0 194/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 121/0 1464/0 175/0][Risk: ** Unidirectional Traffic **** Probing attempt **][Risk Score: 60][Risk Info: No server to client traffic / TCP connection with unidirectional traffic][Plen Bins: 0,0,9,0,0,0,0,0,3,0,0,0,9,18,6,3,6,9,9,6,0,0,6,0,0,3,3,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 192.168.1.249:40344 -> 87.240.129.140:443 [proto: 91/TLS][IP: 22/VK][Encrypted][Confidence: DPI][FPC: 22/VK, Confidence: IP address][DPI packets: 13][cat: Web/5][92 pkts/26327 bytes -> 0 pkts/0 bytes][Goodput ratio: 77/0][12.81 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 154/0 4880/0 644/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 286/0 1464/0 382/0][Risk: ** Unidirectional Traffic **** Probing attempt **][Risk Score: 60][Risk Info: No server to client traffic / TCP connection with unidirectional traffic][Plen Bins: 5,0,2,0,0,10,14,0,10,5,2,2,0,2,0,5,7,0,0,2,0,0,7,0,0,0,2,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0]
3 TCP 192.168.1.249:33904 -> 87.240.129.131:443 [proto: 91/TLS][IP: 22/VK][Encrypted][Confidence: DPI][FPC: 22/VK, Confidence: IP address][DPI packets: 13][cat: Web/5][21 pkts/3598 bytes -> 0 pkts/0 bytes][Goodput ratio: 61/0][10.88 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 545/0 4263/0 1183/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 171/0 371/0 112/0][Risk: ** Unidirectional Traffic **** Probing attempt **][Risk Score: 60][Risk Info: No server to client traffic / TCP connection with unidirectional traffic][Plen Bins: 0,16,0,0,8,33,16,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 192.168.1.249:32990 -> 87.240.169.10:443 [proto: 91.22/TLS.VK][IP: 22/VK][Encrypted][Confidence: DPI][FPC: 22/VK, Confidence: IP address][DPI packets: 15][cat: SocialNetwork/6][24 pkts/2765 bytes -> 0 pkts/0 bytes][Goodput ratio: 42/0][0.11 sec][Hostname/SNI: sun9-87.userapi.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 4/0 17/0 5/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 115/0 583/0 127/0][Risk: ** Unidirectional Traffic **** Probing attempt **][Risk Score: 60][Risk Info: No server to client traffic / TCP connection with unidirectional traffic][TLSv1.2][JA3C: 579ccef312d18482fc42e2b822ca2430][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][Firefox][Plen Bins: 20,0,20,0,0,20,0,0,0,0,0,20,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 192.168.1.249:59722 -> 87.240.169.11:443 [proto: 91.22/TLS.VK][IP: 22/VK][Encrypted][Confidence: DPI][FPC: 22/VK, Confidence: IP address][DPI packets: 15][cat: SocialNetwork/6][21 pkts/2600 bytes -> 0 pkts/0 bytes][Goodput ratio: 46/0][0.15 sec][Hostname/SNI: sun9-88.userapi.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/0 31/0 9/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 124/0 583/0 138/0][Risk: ** Unidirectional Traffic **** Probing attempt **][Risk Score: 60][Risk Info: No server to client traffic / TCP connection with unidirectional traffic][TLSv1.2][JA3C: 579ccef312d18482fc42e2b822ca2430][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][Firefox][Plen Bins: 20,0,20,0,0,20,0,0,0,0,0,0,20,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 192.168.1.249:47934 -> 87.240.169.3:443 [proto: 91.22/TLS.VK][IP: 22/VK][Encrypted][Confidence: DPI][FPC: 22/VK, Confidence: IP address][DPI packets: 15][cat: SocialNetwork/6][19 pkts/2493 bytes -> 0 pkts/0 bytes][Goodput ratio: 49/0][0.13 sec][Hostname/SNI: sun9-80.userapi.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/0 44/0 12/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 131/0 583/0 147/0][Risk: ** Unidirectional Traffic **** Probing attempt **][Risk Score: 60][Risk Info: No server to client traffic / TCP connection with unidirectional traffic][TLSv1.2][JA3C: 579ccef312d18482fc42e2b822ca2430][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][Firefox][Plen Bins: 20,0,20,0,0,20,0,0,0,0,0,0,0,20,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 192.168.1.249:59154 -> 87.240.185.137:443 [proto: 91.22/TLS.VK][IP: 22/VK][Encrypted][Confidence: DPI][FPC: 22/VK, Confidence: IP address][DPI packets: 15][cat: SocialNetwork/6][18 pkts/2370 bytes -> 0 pkts/0 bytes][Goodput ratio: 50/0][0.13 sec][Hostname/SNI: sun9-10.userapi.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 8/0 41/0 10/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 132/0 583/0 143/0][Risk: ** Unidirectional Traffic **** Probing attempt **][Risk Score: 60][Risk Info: No server to client traffic / TCP connection with unidirectional traffic][TLSv1.2][JA3C: 579ccef312d18482fc42e2b822ca2430][JA4: t13d1715h2_5b57614c22b0_3d5424432f57][Firefox][Plen Bins: 20,0,20,0,0,20,0,0,0,0,0,20,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 TCP 192.168.1.249:56504 -> 87.240.129.135:443 [proto: 91/TLS][IP: 22/VK][Encrypted][Confidence: DPI][FPC: 22/VK, Confidence: IP address][DPI packets: 4][cat: Web/5][4 pkts/1186 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][0.05 sec][Risk: ** Unidirectional Traffic **** Probing attempt **][Risk Score: 60][Risk Info: No server to client traffic / TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
9 TCP 192.168.1.249:43644 -> 87.240.132.67:443 [proto: 91/TLS][IP: 22/VK][Encrypted][Confidence: DPI][FPC: 22/VK, Confidence: IP address][DPI packets: 2][cat: Web/5][2 pkts/171 bytes -> 0 pkts/0 bytes][Goodput ratio: 23/0][0.01 sec][Risk: ** Unidirectional Traffic **** Probing attempt **][Risk Score: 60][Risk Info: No server to client traffic / TCP connection with unidirectional traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 TCP 192.168.1.249:43938 -> 87.240.129.135:443 [proto: 91/TLS][IP: 22/VK][Encrypted][Confidence: DPI][FPC: 22/VK, Confidence: IP address][DPI packets: 2][cat: Web/5][2 pkts/171 bytes -> 0 pkts/0 bytes][Goodput ratio: 23/0][0.06 sec][Risk: ** Unidirectional Traffic **** Probing attempt **][Risk Score: 60][Risk Info: No server to client traffic / TCP connection with unidirectional traffic][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
|