vrr/nDPI
2
0
Fork 0
mirror of https://github.com/vel21ripn/nDPI.git synced 2026-04-28 15:09:47 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6
nDPI/tests/cfgs/default/result/ja4.pcapng.out
Luca Deri 6eb2256ce6 Added JA4 testing pcap
2026-01-02 15:36:24 +01:00

46 lines
6.9 KiB
Text
Raw Blame History

DPI Packets (TCP): 48 (8.00 pkts/flow)
Confidence DPI : 6 (flows)
Num dissector calls: 972 (162.00 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/0/0 (insert/search/found)
LRU cache mining: 0/0/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
LRU cache fpc_dns: 0/6/0 (insert/search/found)
Automa host: 6/6 (search/found)
Automa domain: 6/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 6/0 (search/found)
Automa common alpns: 12/12 (search/found)
Patricia risk mask: 12/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk: 0/0 (search/found)
Patricia risk IPv6: 0/0 (search/found)
Patricia protocols: 6/6 (search/found)
Patricia protocols IPv6: 0/0 (search/found)
Hash malicious ja4: 6/0 (search/found)
Hash malicious sha1: 0/0 (search/found)
Hash TCP fingerprints: 6/6 (search/found)
Hash public domain suffix: 0/0 (search/found)
Hash ja4 custom protos: 6/0 (search/found)
Hash fp custom protos: 6/0 (search/found)
Hash url custom protos: 0/0 (search/found)
ntop 2439 2189807 6
Safe 2439 2189807 6
Network 2439 2189807 6
JA Host Stats:
IP Address # JA4C
1 192.168.1.29 2
1 TCP 192.168.1.29:59832 <-> 116.203.142.127:443 [proto: 91.26/TLS.ntop][Stack: TLS.ntop][IP: 26/ntop][Encrypted][Confidence: DPI][FPC: 26/ntop, Confidence: IP address][DPI packets: 8][cat: Network/14][Breed: Safe][276 pkts/33473 bytes <-> 435 pkts/632404 bytes][Goodput ratio: 46/95][2.61 sec][Hostname/SNI: www.ntop.org][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.899 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/6 1441/1473 105/81][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 121/1454 1506/1506 209/237][nDPI Fingerprint: 09a4ff6a891e0364e7cd1b08c0825fc3][TCP Fingerprint: 194_64_65535_d29295416479/macOS][TLSv1.3][JA4: t13d1516h2_8daaf6152771_d8a2da3f94cd][JA3S: f4febc55ea12b31ae17cfb7e614afda8][ECH: version 0xfe0d][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,5,0,0,2,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,87,0,0]
2 TCP 192.168.1.29:59831 <-> 116.203.142.127:443 [proto: 91.26/TLS.ntop][Stack: TLS.ntop][IP: 26/ntop][Encrypted][Confidence: DPI][FPC: 26/ntop, Confidence: IP address][DPI packets: 8][cat: Network/14][Breed: Safe][198 pkts/29200 bytes <-> 290 pkts/410126 bytes][Goodput ratio: 55/95][2.61 sec][Hostname/SNI: www.ntop.org][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.867 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 16/10 1434/1467 123/100][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 147/1414 1506/1506 248/293][nDPI Fingerprint: 09a4ff6a891e0364e7cd1b08c0825fc3][TCP Fingerprint: 194_64_65535_d29295416479/macOS][TLSv1.3][JA4: t13d1516h2_8daaf6152771_d8a2da3f94cd][JA3S: f4febc55ea12b31ae17cfb7e614afda8][ECH: version 0xfe0d][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,2,1,2,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,90,0,0]
3 TCP 192.168.1.29:59835 <-> 116.203.142.127:443 [proto: 91.26/TLS.ntop][Stack: TLS.ntop][IP: 26/ntop][Encrypted][Confidence: DPI][FPC: 26/ntop, Confidence: IP address][DPI packets: 8][cat: Network/14][Breed: Safe][173 pkts/23566 bytes <-> 257 pkts/362876 bytes][Goodput ratio: 52/95][2.05 sec][Hostname/SNI: www.ntop.org][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.878 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/8 1428/1462 125/100][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 136/1412 1506/1506 233/308][nDPI Fingerprint: 183445c01ff0af7cc6868b8372849f73][TCP Fingerprint: 194_64_65535_d29295416479/macOS][TLSv1.3][JA4: t13d1517h2_8daaf6152771_b6f405a00624][JA3S: fcb2d4d0991292272fcb1e464eedfd43][ECH: version 0xfe0d][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,1,0,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,2,1,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,91,0,0]
4 TCP 192.168.1.29:59837 <-> 116.203.142.127:443 [proto: 91.26/TLS.ntop][Stack: TLS.ntop][IP: 26/ntop][Encrypted][Confidence: DPI][FPC: 26/ntop, Confidence: IP address][DPI packets: 8][cat: Network/14][Breed: Safe][131 pkts/22386 bytes <-> 172 pkts/234823 bytes][Goodput ratio: 61/95][2.05 sec][Hostname/SNI: www.ntop.org][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.826 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 19/3 1450/84 144/10][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 171/1365 1506/1506 279/366][nDPI Fingerprint: 09a4ff6a891e0364e7cd1b08c0825fc3][TCP Fingerprint: 194_64_65535_d29295416479/macOS][TLSv1.3][JA4: t13d1516h2_8daaf6152771_d8a2da3f94cd][JA3S: f4febc55ea12b31ae17cfb7e614afda8][ECH: version 0xfe0d][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,2,4,0,0,0,0,0,2,0,0,0,0,1,0,0,0,0,0,0,0,0,85,0,0]
5 TCP 192.168.1.29:59836 <-> 116.203.142.127:443 [proto: 91.26/TLS.ntop][Stack: TLS.ntop][IP: 26/ntop][Encrypted][Confidence: DPI][FPC: 26/ntop, Confidence: IP address][DPI packets: 8][cat: Network/14][Breed: Safe][107 pkts/16070 bytes <-> 148 pkts/206880 bytes][Goodput ratio: 56/95][2.07 sec][Hostname/SNI: www.ntop.org][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.856 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 24/3 1420/55 157/11][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 150/1398 1506/1506 258/342][nDPI Fingerprint: 09a4ff6a891e0364e7cd1b08c0825fc3][TCP Fingerprint: 194_64_65535_d29295416479/macOS][TLSv1.3][JA4: t13d1516h2_8daaf6152771_d8a2da3f94cd][JA3S: f4febc55ea12b31ae17cfb7e614afda8][ECH: version 0xfe0d][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,94,0,0]
6 TCP 192.168.1.29:59834 <-> 116.203.142.127:443 [proto: 91.26/TLS.ntop][Stack: TLS.ntop][IP: 26/ntop][Encrypted][Confidence: DPI][FPC: 26/ntop, Confidence: IP address][DPI packets: 8][cat: Network/14][Breed: Safe][107 pkts/20039 bytes <-> 145 pkts/197964 bytes][Goodput ratio: 65/95][2.05 sec][Hostname/SNI: www.ntop.org][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.816 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 24/16 1434/1467 158/134][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 187/1365 1506/1506 297/383][nDPI Fingerprint: 183445c01ff0af7cc6868b8372849f73][TCP Fingerprint: 194_64_65535_d29295416479/macOS][TLSv1.3][JA4: t13d1517h2_8daaf6152771_b6f405a00624][JA3S: fcb2d4d0991292272fcb1e464eedfd43][ECH: version 0xfe0d][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,6,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,86,0,0]
Reference in a new issue View git blame Copy permalink