1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
Guessed flow protos: 0
DPI Packets (TCP): 46 (6.57 pkts/flow)
Confidence DPI : 7 (flows)
Num dissector calls: 105 (15.00 diss/flow)
TLS 6019 5570309 7
JA3 Host Stats:
IP Address # JA3C
1 192.168.1.178 2
1 TCP 192.168.1.178:55262 <-> 146.48.58.18:443 [proto: 91/TLS][Encrypted][Confidence: DPI][cat: Web/5][770 pkts/55268 bytes <-> 1313 pkts/1959863 bytes][Goodput ratio: 8/96][5.92 sec][Hostname/SNI: www.iit.cnr.it][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.945 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/5 3388/3416 146/105][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 72/1493 514/1506 47/126][TLSv1.2][JA3C: a69708a64f853c3bcc214c2c5faf84f3][ServerNames: www.iit.cnr.it][JA3S: 263c859c5391203d774bc0599793d915][Issuer: C=NL, ST=Noord-Holland, L=Amsterdam, O=TERENA, CN=TERENA SSL CA 3][Subject: C=IT, ST=Lazio, L=Roma, O=Consiglio Nazionale delle Ricerche, OU=IIT, CN=www.iit.cnr.it][Certificate SHA-1: C4:F6:98:75:7E:20:5C:B6:33:14:59:3F:CF:26:96:38:D0:4B:73:69][Safari][Validity: 2019-12-10 00:00:00 - 2022-01-05 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0,0]
2 TCP 192.168.1.178:55267 <-> 146.48.58.18:443 [proto: 91/TLS][Encrypted][Confidence: DPI][cat: Web/5][356 pkts/26392 bytes <-> 571 pkts/841944 bytes][Goodput ratio: 11/96][0.97 sec][Hostname/SNI: www.iit.cnr.it][bytes ratio: -0.939 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/1 84/77 9/6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 74/1475 517/1506 57/196][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: ee4ced3f2d15de4b5cb6fb0a894fec9f][JA3S: fd4bc6cea4877646ccd62f0792ec0b62][Safari][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0,0]
3 TCP 192.168.1.178:55268 <-> 146.48.58.18:443 [proto: 91/TLS][Encrypted][Confidence: DPI][cat: Web/5][323 pkts/24626 bytes <-> 477 pkts/704321 bytes][Goodput ratio: 13/96][0.91 sec][Hostname/SNI: www.iit.cnr.it][bytes ratio: -0.932 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/1 116/146 12/11][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 76/1477 511/1506 64/189][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: ee4ced3f2d15de4b5cb6fb0a894fec9f][JA3S: fd4bc6cea4877646ccd62f0792ec0b62][Safari][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0,0]
4 TCP 192.168.1.178:55265 <-> 146.48.58.18:443 [proto: 91/TLS][Encrypted][Confidence: DPI][cat: Web/5][343 pkts/25933 bytes <-> 458 pkts/675289 bytes][Goodput ratio: 13/96][0.98 sec][Hostname/SNI: www.iit.cnr.it][bytes ratio: -0.926 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/1 103/78 10/7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 76/1474 515/1506 62/190][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: ee4ced3f2d15de4b5cb6fb0a894fec9f][JA3S: fd4bc6cea4877646ccd62f0792ec0b62][Safari][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,98,0,0]
5 TCP 192.168.1.178:55269 <-> 146.48.58.18:443 [proto: 91/TLS][Encrypted][Confidence: DPI][cat: Web/5][307 pkts/22856 bytes <-> 462 pkts/676638 bytes][Goodput ratio: 9/95][0.89 sec][Hostname/SNI: www.iit.cnr.it][bytes ratio: -0.935 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/2 105/147 10/10][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 74/1465 508/1506 51/220][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: ee4ced3f2d15de4b5cb6fb0a894fec9f][JA3S: fd4bc6cea4877646ccd62f0792ec0b62][Safari][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,96,0,0]
6 TCP 192.168.1.178:55266 <-> 146.48.58.18:443 [proto: 91/TLS][Encrypted][Confidence: DPI][cat: Web/5][250 pkts/20232 bytes <-> 371 pkts/530337 bytes][Goodput ratio: 18/95][0.85 sec][Hostname/SNI: www.iit.cnr.it][bytes ratio: -0.927 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/1 106/77 11/7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 81/1429 503/1506 77/274][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: ee4ced3f2d15de4b5cb6fb0a894fec9f][JA3S: fd4bc6cea4877646ccd62f0792ec0b62][Safari][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,0,0,1,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,95,0,0]
7 TCP 192.168.1.178:55285 <-> 146.48.58.18:443 [proto: 91/TLS][Encrypted][Confidence: DPI][cat: Web/5][9 pkts/1312 bytes <-> 9 pkts/5298 bytes][Goodput ratio: 54/89][0.13 sec][Hostname/SNI: www.iit.cnr.it][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.603 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 17/9 33/28 14/12][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 146/589 444/1506 129/618][TLSv1.2][JA3C: a69708a64f853c3bcc214c2c5faf84f3][ServerNames: www.iit.cnr.it][JA3S: 263c859c5391203d774bc0599793d915][Issuer: C=NL, ST=Noord-Holland, L=Amsterdam, O=TERENA, CN=TERENA SSL CA 3][Subject: C=IT, ST=Lazio, L=Roma, O=Consiglio Nazionale delle Ricerche, OU=IIT, CN=www.iit.cnr.it][Certificate SHA-1: C4:F6:98:75:7E:20:5C:B6:33:14:59:3F:CF:26:96:38:D0:4B:73:69][Safari][Validity: 2019-12-10 00:00:00 - 2022-01-05 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,12,12,0,0,0,0,12,0,0,0,12,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,25,0,0]
|