1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
DPI Packets (TCP): 8 (8.00 pkts/flow)
DPI Packets (UDP): 15 (5.00 pkts/flow)
Confidence DPI : 4 (flows)
Num dissector calls: 379 (94.75 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/0/0 (insert/search/found)
LRU cache mining: 0/0/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
LRU cache fpc_dns: 0/1/0 (insert/search/found)
Automa host: 1/1 (search/found)
Automa domain: 1/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 0/0 (search/found)
Automa common alpns: 0/0 (search/found)
Patricia risk mask: 6/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk: 0/0 (search/found)
Patricia risk IPv6: 0/0 (search/found)
Patricia protocols: 4/4 (search/found)
Patricia protocols IPv6: 0/0 (search/found)
Zoom 342 112658 4
Acceptable 342 112658 4
JA Host Stats:
IP Address # JA4C
1 192.168.1.178 1
1 UDP 192.168.1.178:60653 <-> 144.195.73.154:8801 [proto: 189/Zoom][IP: 189/Zoom][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: DPI][DPI packets: 5][cat: Video/26][7 pkts/2996 bytes <-> 66 pkts/64200 bytes][Goodput ratio: 90/96][0.82 sec][bytes ratio: -0.911 (Download)][IAT c2s/s2c min/avg/max/stddev: 12/0 72/10 101/100 36/15][Pkt Len c2s/s2c min/avg/max/stddev: 165/60 428/973 1078/1078 411/306][PLAIN TEXT (replace)][Plen Bins: 2,6,0,2,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,85,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 UDP 192.168.1.178:58117 <-> 144.195.73.154:8801 [proto: 189/Zoom][IP: 189/Zoom][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: DPI][DPI packets: 5][cat: Video/26][64 pkts/9307 bytes <-> 98 pkts/17843 bytes][Goodput ratio: 71/77][4.02 sec][bytes ratio: -0.314 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 58/36 141/131 42/37][Pkt Len c2s/s2c min/avg/max/stddev: 106/60 145/182 209/368 23/79][PLAIN TEXT (replace)][Plen Bins: 1,3,44,26,10,1,0,5,6,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP 192.168.1.178:57953 <-> 144.195.73.154:8801 [proto: 189/Zoom][IP: 189/Zoom][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: DPI][DPI packets: 5][cat: Video/26][43 pkts/5229 bytes <-> 44 pkts/4520 bytes][Goodput ratio: 65/59][39.68 sec][bytes ratio: 0.073 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 941/849 3580/3749 1440/1522][Pkt Len c2s/s2c min/avg/max/stddev: 69/60 122/103 185/133 41/28][PLAIN TEXT (replace)][Plen Bins: 35,2,43,13,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 192.168.1.178:50076 <-> 144.195.73.154:443 [proto: 91.189/TLS.Zoom][IP: 189/Zoom][Encrypted][Confidence: DPI][FPC: 189/Zoom, Confidence: IP address][DPI packets: 8][cat: Video/26][12 pkts/3043 bytes <-> 8 pkts/5520 bytes][Goodput ratio: 74/90][0.73 sec][Hostname/SNI: zoomsjccv154mmr.sjc.zoom.us][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.289 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 72/58 175/174 83/82][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 254/690 1506/1506 404/622][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TCP Fingerprint: 2_64_65535_15db81ff8b0d/Unknown][TLSv1.2][JA3C: 832952db10f1453442636675bed2702b][JA4: t13d141200_ad449869e501_b11171733d3d][ServerNames: *.sjc.zoom.us][JA3S: 8aca82d60194883e764ab2743e60c380][Issuer: C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1][Subject: C=US, ST=California, L=San Jose, O=Zoom Video Communications, Inc., CN=*.sjc.zoom.us][Certificate SHA-1: 43:42:0A:34:FD:F6:7A:FC:E9:C1:95:D8:E0:79:7E:17:B9:65:B0:A7][Firefox][Validity: 2021-04-13 00:00:00 - 2022-04-20 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,10,10,10,10,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,30,0,0]
|