aboutsummaryrefslogtreecommitdiff
path: root/tests/cfgs/default/result/ocsp.pcapng.out
blob: 90608f1ecc102aa842d096e452162022efdff221 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36

DPI Packets (TCP):	60	(6.00 pkts/flow)
Confidence DPI              : 10 (flows)
Num dissector calls: 150 (15.00 diss/flow)
LRU cache ookla:      0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache stun:       0/0/0 (insert/search/found)
LRU cache tls_cert:   0/0/0 (insert/search/found)
LRU cache mining:     0/0/0 (insert/search/found)
LRU cache msteams:    0/0/0 (insert/search/found)
LRU cache fpc_dns:    0/10/0 (insert/search/found)
Automa host:          1/0 (search/found)
Automa domain:        1/0 (search/found)
Automa tls cert:      0/0 (search/found)
Automa risk mask:     0/0 (search/found)
Automa common alpns:  0/0 (search/found)
Patricia risk mask:   0/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk:        0/0 (search/found)
Patricia risk IPv6:   0/0 (search/found)
Patricia protocols:   17/3 (search/found)
Patricia protocols IPv6: 0/0 (search/found)

OCSP	344	73647	10

Safe                           344 73647         10           

	1	TCP 192.168.1.128:49034 <-> 23.12.96.145:80 [proto: 7.63/HTTP.OCSP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Network/14][24 pkts/3999 bytes <-> 22 pkts/8476 bytes][Goodput ratio: 29/69][117.30 sec][Hostname/SNI: ocsp.entrust.net][bytes ratio: -0.359 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5094/5187 10241/10241 4906/5058][Pkt Len c2s/s2c min/avg/max/stddev: 118/118 167/385 505/1566 128/500][URL: ocsp.entrust.net/][StatusCode: 200][Req Content-Type: application/ocsp-request][Content-Type: application/ocsp-response][User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0][PLAIN TEXT (BHPOST / HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0]
	2	TCP 192.168.1.227:49813 <-> 109.70.240.130:80 [proto: 7.63/HTTP.OCSP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][10 pkts/2245 bytes <-> 13 pkts/8626 bytes][Goodput ratio: 51/84][65.14 sec][Hostname/SNI: ocsp07.actalis.it][bytes ratio: -0.587 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 16/8 28/36 10/15][Pkt Len c2s/s2c min/avg/max/stddev: 112/112 224/664 491/1566 171/540][URL: ocsp07.actalis.it/VA/AUTH-ROOT/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSw4x5v4bTlizjNRmTdkYSy7q0R9gQUUtiIOsifeGbtifN7OHCUyQICNtACEEWXMtjzGMt1k6L0aA%2BQ6tk%3D][StatusCode: 200][Content-Type: application/ocsp-response][Server: nginx][User-Agent: Microsoft-CryptoAPI/10.0][PLAIN TEXT (GET /VA/AUTH)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,41,8,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0]
	3	TCP 192.168.1.128:47904 <-> 93.184.220.29:80 [proto: 7.63/HTTP.OCSP][IP: 288/Edgecast][ClearText][Confidence: DPI][FPC: 288/Edgecast, Confidence: IP address][DPI packets: 6][cat: Network/14][27 pkts/4355 bytes <-> 23 pkts/5119 bytes][Goodput ratio: 27/47][166.99 sec][Hostname/SNI: ocsp.digicert.com][bytes ratio: -0.081 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 2/0 6194/7858 10240/10240 4838/4216][Pkt Len c2s/s2c min/avg/max/stddev: 118/118 161/223 505/917 122/269][URL: ocsp.digicert.com/][StatusCode: 200][Req Content-Type: application/ocsp-request][Content-Type: application/ocsp-response][Server: ECS (mil/6CEA)][User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0][PLAIN TEXT (POST / HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	4	TCP 192.168.1.128:54154 <-> 142.250.184.99:80 [proto: 7.63/HTTP.OCSP][IP: 126/Google][ClearText][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 6][cat: Network/14][26 pkts/3864 bytes <-> 24 pkts/4244 bytes][Goodput ratio: 20/33][193.02 sec][Hostname/SNI: ocsp.pki.goog][bytes ratio: -0.047 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/7 7460/8270 10243/10242 4397/3814][Pkt Len c2s/s2c min/avg/max/stddev: 118/118 149/177 512/820 105/194][URL: ocsp.pki.goog/gts1o1core][StatusCode: 200][Req Content-Type: application/ocsp-request][Content-Type: application/ocsp-response][Server: ocsp_responder][User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0][PLAIN TEXT (POST /gts)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	5	TCP 192.168.1.128:43728 <-> 92.122.95.235:80 [proto: 7.63/HTTP.OCSP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Network/14][19 pkts/3022 bytes <-> 17 pkts/3792 bytes][Goodput ratio: 26/47][123.97 sec][Hostname/SNI: r3.o.lencr.org][bytes ratio: -0.113 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 6898/7491 10244/10244 4464/4342][Pkt Len c2s/s2c min/avg/max/stddev: 118/118 159/223 504/1007 118/286][URL: r3.o.lencr.org/][StatusCode: 200][Req Content-Type: application/ocsp-request][Content-Type: application/ocsp-response][Server: nginx][User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0][PLAIN TEXT (xPOST / HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	6	TCP 192.168.1.128:59922 <-> 151.101.2.133:80 [proto: 7.63/HTTP.OCSP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Network/14][18 pkts/2533 bytes <-> 17 pkts/4012 bytes][Goodput ratio: 16/50][115.14 sec][Hostname/SNI: ocsp.globalsign.com][bytes ratio: -0.226 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 6576/7043 10240/10240 4898/4566][Pkt Len c2s/s2c min/avg/max/stddev: 118/118 141/236 519/1462 92/343][URL: ocsp.globalsign.com/gsrsaovsslca2018][StatusCode: 200][Req Content-Type: application/ocsp-request][Content-Type: application/ocsp-response][Server: nginx][User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0][PLAIN TEXT (JiZPOST /gsrsaovsslca)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0]
	7	TCP 192.168.1.128:45514 <-> 109.70.240.114:80 [proto: 7.63/HTTP.OCSP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Network/14][12 pkts/1823 bytes <-> 12 pkts/3749 bytes][Goodput ratio: 22/62][65.05 sec][Hostname/SNI: ocsp09.actalis.it][bytes ratio: -0.346 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5666/5124 10241/10241 5060/5116][Pkt Len c2s/s2c min/avg/max/stddev: 118/118 152/312 517/1566 110/448][URL: ocsp09.actalis.it/VA/AUTHOV-G3][StatusCode: 200][Req Content-Type: application/ocsp-request][Content-Type: application/ocsp-response][Server: nginx][User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0][PLAIN TEXT (POST /VA/AUTHOV)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0]
	8	TCP 192.168.1.128:49382 <-> 52.85.15.92:80 [proto: 7.63/HTTP.OCSP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Network/14][17 pkts/2410 bytes <-> 15 pkts/2784 bytes][Goodput ratio: 16/36][115.66 sec][Hostname/SNI: ocsp.sca1b.amazontrust.com][bytes ratio: -0.072 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/17 7320/8368 10240/10240 4401/3916][Pkt Len c2s/s2c min/avg/max/stddev: 118/118 142/186 514/1124 93/251][URL: ocsp.sca1b.amazontrust.com/][StatusCode: 200][Req Content-Type: application/ocsp-request][Content-Type: application/ocsp-response][Server: ECS (dcb/7F3B)][User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0][PLAIN TEXT (KPOST / HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	9	TCP 192.168.1.128:34320 <-> 151.139.128.14:80 [proto: 7.63/HTTP.OCSP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Network/14][12 pkts/1817 bytes <-> 12 pkts/2623 bytes][Goodput ratio: 22/46][65.10 sec][Hostname/SNI: geant.ocsp.sectigo.com][bytes ratio: -0.182 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5676/5133 10240/10240 5053/5106][Pkt Len c2s/s2c min/avg/max/stddev: 118/118 151/219 511/846 108/229][URL: geant.ocsp.sectigo.com/][StatusCode: 200][Req Content-Type: application/ocsp-request][Content-Type: application/ocsp-response][Server: Apache][User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0][PLAIN TEXT (WPOST / HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,33,0,33,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	10	TCP 192.168.1.128:34340 <-> 151.139.128.14:80 [proto: 7.63/HTTP.OCSP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Network/14][12 pkts/1813 bytes <-> 12 pkts/2341 bytes][Goodput ratio: 21/39][65.09 sec][Hostname/SNI: ocsp.usertrust.com][bytes ratio: -0.127 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5681/5127 10240/10240 5067/5111][Pkt Len c2s/s2c min/avg/max/stddev: 118/118 151/195 507/590 107/171][URL: ocsp.usertrust.com/][StatusCode: 200][Req Content-Type: application/ocsp-request][Content-Type: application/ocsp-response][Server: Apache][User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0][PLAIN TEXT (sPOST / HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,33,33,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Powered by cgit, Themed by Ted Yin.