mirror of
https://github.com/vel21ripn/nDPI.git
synced 2026-05-02 17:00:16 +00:00
ca5ffc4988
Tell "Advertised" ALPN list from "Negotiated" ALPN; the former is extracted from the CH, the latter from the SH. Add some entries to the known ALPN list. Fix printing of "TLS Supported Versions" field.
29 lines
1.6 KiB
Text
29 lines
1.6 KiB
Text
Guessed flow protos: 0
|
|
|
|
DPI Packets (UDP): 1 (1.00 pkts/flow)
|
|
Confidence DPI : 1 (flows)
|
|
Num dissector calls: 1 (1.00 diss/flow)
|
|
LRU cache ookla: 0/0/0 (insert/search/found)
|
|
LRU cache bittorrent: 0/0/0 (insert/search/found)
|
|
LRU cache zoom: 0/0/0 (insert/search/found)
|
|
LRU cache stun: 0/0/0 (insert/search/found)
|
|
LRU cache tls_cert: 0/0/0 (insert/search/found)
|
|
LRU cache mining: 0/0/0 (insert/search/found)
|
|
LRU cache msteams: 0/0/0 (insert/search/found)
|
|
Automa host: 1/1 (search/found)
|
|
Automa domain: 1/0 (search/found)
|
|
Automa tls cert: 0/0 (search/found)
|
|
Automa risk mask: 0/0 (search/found)
|
|
Automa common alpns: 1/1 (search/found)
|
|
Patricia risk mask: 2/0 (search/found)
|
|
Patricia risk: 2/0 (search/found)
|
|
Patricia protocols: 2/0 (search/found)
|
|
|
|
Google 642 573718 1
|
|
|
|
JA3 Host Stats:
|
|
IP Address # JA3C
|
|
1 187.227.136.152 1
|
|
|
|
|
|
1 UDP 187.227.136.152:55356 <-> 211.247.147.90:443 [proto: 188.126/QUIC.Google][IP: 0/Unknown][Encrypted][Confidence: DPI][cat: Web/5][171 pkts/29017 bytes <-> 471 pkts/544701 bytes][Goodput ratio: 75/96][90.07 sec][Hostname/SNI: www.google.com][(Advertised) ALPNs: h3-T051][TLS Supported Versions: TLSv1.3][bytes ratio: -0.899 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 690/100 24967/10162 3186/822][Pkt Len c2s/s2c min/avg/max/stddev: 75/67 170/1156 1392/1392 256/481][User-Agent: dev Chrome/86.0.4240.9 Windows NT 6.1; Win64; x64][TLSv1.3][JA3C: 92e76078d514999cd950474995dab2b5][PLAIN TEXT (OO RJ/ Q)][Plen Bins: 11,29,2,1,0,2,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,51,0,0,0,0,0]
|