tests/cfgs/default/result/capwap_data.pcapng.out


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34

DPI Packets (TCP):	14	(4.67 pkts/flow)
Confidence DPI              : 3 (flows)
Num dissector calls: 3 (1.00 diss/flow)
LRU cache ookla:      0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache stun:       0/0/0 (insert/search/found)
LRU cache tls_cert:   0/0/0 (insert/search/found)
LRU cache mining:     0/0/0 (insert/search/found)
LRU cache msteams:    0/0/0 (insert/search/found)
LRU cache fpc_dns:    0/3/0 (insert/search/found)
Automa host:          3/3 (search/found)
Automa domain:        3/0 (search/found)
Automa tls cert:      0/0 (search/found)
Automa risk mask:     0/0 (search/found)
Automa common alpns:  0/0 (search/found)
Patricia risk mask:   0/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk:        0/0 (search/found)
Patricia risk IPv6:   0/0 (search/found)
Patricia protocols:   3/3 (search/found)
Patricia protocols IPv6: 0/0 (search/found)

GoogleServices	14	2624	3

Acceptable                      14 2624          3            

JA3 Host Stats: 
		 IP Address                  	 # JA3C     
	1	 10.1.3.68                	 1      


	1	TCP 10.1.3.68:47025 <-> 74.125.130.188:443 [VLAN: 4][proto: CAPWAP:91.239/TLS.GoogleServices][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 6][cat: Web/5][3 pkts/630 bytes <-> 3 pkts/434 bytes][Goodput ratio: 27/0][0.11 sec][Hostname/SNI: alt2-mtalk.google.com][bytes ratio: 0.184 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/103 51/103 101/103 50/0][Pkt Len c2s/s2c min/avg/max/stddev: 150/142 210/145 322/150 79/4][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: ee65329706afb750866495410fce080d][JA4: t12d140800_c866b44c5a26_b39be8c56a14][Safari][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	2	TCP 10.1.3.68:47025 <-> 74.125.130.188:443 [VLAN: 3][proto: CAPWAP:91.239/TLS.GoogleServices][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 4][cat: Web/5][3 pkts/630 bytes <-> 1 pkts/150 bytes][Goodput ratio: 27/0][0.10 sec][Hostname/SNI: alt2-mtalk.google.com][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: ee65329706afb750866495410fce080d][JA4: t12d140800_c866b44c5a26_b39be8c56a14][Safari][PLAIN TEXT (mtalk.google.com)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	3	TCP 10.1.3.68:47025 <-> 74.125.130.188:443 [VLAN: 395][proto: CAPWAP:91.239/TLS.GoogleServices][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 4][cat: Web/5][3 pkts/630 bytes <-> 1 pkts/150 bytes][Goodput ratio: 27/0][0.10 sec][Hostname/SNI: alt2-mtalk.google.com][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: ee65329706afb750866495410fce080d][JA4: t12d140800_c866b44c5a26_b39be8c56a14][Safari][PLAIN TEXT (mtalk.google.com)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]