tests/cfgs/default/result/encrypted_sni.pcap.out


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34

DPI Packets (TCP):	3	(1.00 pkts/flow)
Confidence DPI              : 3 (flows)
Num dissector calls: 3 (1.00 diss/flow)
LRU cache ookla:      0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache stun:       0/0/0 (insert/search/found)
LRU cache tls_cert:   0/3/0 (insert/search/found)
LRU cache mining:     0/0/0 (insert/search/found)
LRU cache msteams:    0/0/0 (insert/search/found)
LRU cache fpc_dns:    0/0/0 (insert/search/found)
Automa host:          0/0 (search/found)
Automa domain:        0/0 (search/found)
Automa tls cert:      0/0 (search/found)
Automa risk mask:     0/0 (search/found)
Automa common alpns:  6/6 (search/found)
Patricia risk mask:   6/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk:        0/0 (search/found)
Patricia risk IPv6:   0/0 (search/found)
Patricia protocols:   3/3 (search/found)
Patricia protocols IPv6: 0/0 (search/found)

TLS	3	2310	3

Safe                             3 2310          3            

JA Host Stats: 
		 IP Address                  	 # JA4C     
	1	 192.168.1.12             	 1      


	1	TCP 192.168.1.12:49886 -> 104.27.129.77:443 [proto: 91/TLS][IP: 220/Cloudflare][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/770 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][< 1 sec][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][Risk: ** TLS Susp ESNI Usage **** Missing SNI TLS Extn **** Unidirectional Traffic **** ALPN/SNI Mismatch **][Risk Score: 160][Risk Info: No server to client traffic / SNI should always be present / h2][TLSv1.2][JA4: t13d1813h2_29a2cd9e9f10_0d6ff543c596][Firefox][PLAIN TEXT (http/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	2	TCP 192.168.1.12:49887 -> 104.16.125.175:443 [proto: 91/TLS][IP: 220/Cloudflare][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/770 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][< 1 sec][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][Risk: ** TLS Susp ESNI Usage **** Missing SNI TLS Extn **** Unidirectional Traffic **** ALPN/SNI Mismatch **][Risk Score: 160][Risk Info: No server to client traffic / SNI should always be present / h2][TLSv1.2][JA4: t13d1813h2_29a2cd9e9f10_0d6ff543c596][Firefox][PLAIN TEXT (http/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	3	TCP 192.168.1.12:49897 -> 104.22.71.197:443 [proto: 91/TLS][IP: 220/Cloudflare][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/770 bytes -> 0 pkts/0 bytes][Goodput ratio: 93/0][< 1 sec][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][Risk: ** TLS Susp ESNI Usage **** Missing SNI TLS Extn **** Unidirectional Traffic **** ALPN/SNI Mismatch **][Risk Score: 160][Risk Info: No server to client traffic / SNI should always be present / h2][TLSv1.2][JA4: t13d1813h2_29a2cd9e9f10_0d6ff543c596][Firefox][PLAIN TEXT (http/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]