1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
DPI Packets (TCP): 27 (9.00 pkts/flow)
DPI Packets (UDP): 3 (3.00 pkts/flow)
Confidence DPI : 3 (flows)
Confidence DPI (aggressive) : 1 (flows)
Num dissector calls: 414 (103.50 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/3/0 (insert/search/found)
LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/0/0 (insert/search/found)
LRU cache mining: 0/0/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
LRU cache fpc_dns: 1/3/0 (insert/search/found)
Automa host: 4/4 (search/found)
Automa domain: 4/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 1/0 (search/found)
Automa common alpns: 2/2 (search/found)
Patricia risk mask: 2/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk: 0/0 (search/found)
Patricia risk IPv6: 1/0 (search/found)
Patricia protocols: 6/0 (search/found)
Patricia protocols IPv6: 1/1 (search/found)
TLS 25 22923 1
YouTube 45 36920 2
SOCKS 30 21330 1
Safe 25 22923 1
Acceptable 30 21330 1
Fun 45 36920 2
JA Host Stats:
IP Address # JA4C
1 2001:b07:a3d:c112:8628:88aa:8b00:913c 1
1 TCP [2001:b07:a3d:c112:8628:88aa:8b00:913c]:45334 <-> [2a00:1450:4002:416::200e]:443 [proto: 91.124/TLS.YouTube][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 6][cat: Media/1][20 pkts/2589 bytes <-> 21 pkts/33559 bytes][Goodput ratio: 32/94][0.12 sec][Hostname/SNI: www.youtube.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.857 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 8/6 46/49 14/13][Pkt Len c2s/s2c min/avg/max/stddev: 88/88 129/1598 605/6128 124/1604][TCP Fingerprint: 2_64_65320_5c453b01be6e/Unknown][TLSv1.3][JA3C: 4ea056e63b7910cbf543f0c095064dfe][JA4: t13d3113h2_e8f1e7e78f70_ce5650b735ce][JA3S: 907bf3ecef1c987c889946b737b43de8][Firefox][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 9,0,0,0,0,0,4,0,4,0,0,0,0,0,0,0,4,4,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,56,0,0,0,0,0,0,0,0,0,13]
2 TCP 127.0.0.1:40164 <-> 127.0.0.1:1234 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI (aggressive)][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 15][cat: Web/5][14 pkts/2036 bytes <-> 11 pkts/20887 bytes][Goodput ratio: 53/96][0.17 sec][bytes ratio: -0.822 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 16/21 52/52 19/20][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 145/1899 704/7496 163/2354][Risk: ** Known Proto on Non Std Port **** Obfuscated Traffic **][Risk Score: 150][Risk Info: Obfuscated TLS traffic / Expected on port 443][TCP Fingerprint: 2_64_65495_db1b9381215d/Unknown][Plen Bins: 0,0,15,7,15,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,15,7,0,0,0,0,0,0,0,23]
3 TCP 127.0.0.1:44424 <-> 127.0.0.1:1080 [proto: 172/SOCKS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][18 pkts/2079 bytes <-> 12 pkts/19251 bytes][Goodput ratio: 41/96][0.15 sec][bytes ratio: -0.805 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/7 46/50 16/15][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 116/1604 585/9955 117/2915][TCP Fingerprint: 2_64_65495_db1b9381215d/Unknown][PLAIN TEXT (www.youtube.com)][Plen Bins: 37,24,5,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,5,0,0,0,0,0,0,0,11]
4 UDP 127.0.0.1:41182 <-> 127.0.0.53:53 [proto: 5.124/DNS.YouTube][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.124/DNS.YouTube, Confidence: DPI][DPI packets: 3][cat: Network/14][2 pkts/176 bytes <-> 2 pkts/596 bytes][Goodput ratio: 50/85][0.00 sec][Hostname/SNI: www.youtube.com][216.58.204.142][PLAIN TEXT (youtube)][Plen Bins: 0,50,0,0,0,25,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
|