tests/cfgs/default/result/snapchat.pcap.out


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

DPI Packets (TCP):	18	(6.00 pkts/flow)
Confidence DPI              : 3 (flows)
Num dissector calls: 3 (1.00 diss/flow)
LRU cache ookla:      0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache stun:       0/0/0 (insert/search/found)
LRU cache tls_cert:   0/2/0 (insert/search/found)
LRU cache mining:     0/0/0 (insert/search/found)
LRU cache msteams:    0/0/0 (insert/search/found)
Automa host:          2/2 (search/found)
Automa domain:        2/0 (search/found)
Automa tls cert:      0/0 (search/found)
Automa risk mask:     0/0 (search/found)
Automa common alpns:  2/2 (search/found)
Patricia risk mask:   2/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk:        0/0 (search/found)
Patricia risk IPv6:   0/0 (search/found)
Patricia protocols:   3/3 (search/found)
Patricia protocols IPv6: 0/0 (search/found)

TLS	22	2879	1
Snapchat	34	7320	2

Safe                            22 2879          1            
Fun                             34 7320          2            

JA3 Host Stats: 
		 IP Address                  	 # JA3C     
	1	 10.8.0.1                 	 2      


	1	TCP 10.8.0.1:56193 <-> 74.125.136.141:443 [proto: 91.199/TLS.Snapchat][IP: 126/Google][Encrypted][Confidence: DPI][DPI packets: 6][cat: SocialNetwork/6][9 pkts/2290 bytes <-> 8 pkts/1653 bytes][Goodput ratio: 78/74][0.72 sec][Hostname/SNI: feelinsonice-hrd.appspot.com][(Advertised) ALPNs: http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: 0.162 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 102/102 503/453 172/166][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 254/207 590/1123 237/350][TLSv1.2][JA3C: fded31ac9b978e56ce306f8056092f2a][JA4: t12d1407ht_efec8f3cafed_1b2d6ce873a4][JA3S: 7bee5c1d424b7e5f943b06983bb11422][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,14,0,0,28,0,0,0,0,0,0,0,0,0,0,0,42,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	2	TCP 10.8.0.1:44536 <-> 74.125.136.141:443 [proto: 91.199/TLS.Snapchat][IP: 126/Google][Encrypted][Confidence: DPI][DPI packets: 6][cat: SocialNetwork/6][9 pkts/2345 bytes <-> 8 pkts/1032 bytes][Goodput ratio: 78/58][0.57 sec][Hostname/SNI: feelinsonice-hrd.appspot.com][(Advertised) ALPNs: http/1.1][(Negotiated) ALPN: http/1.1][bytes ratio: 0.389 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 81/86 403/353 142/131][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 261/129 590/502 236/150][TLSv1.2][JA3C: fded31ac9b978e56ce306f8056092f2a][JA4: t12d1407ht_efec8f3cafed_1b2d6ce873a4][JA3S: 7bee5c1d424b7e5f943b06983bb11422][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,14,0,0,14,0,14,0,0,0,0,0,0,0,14,0,42,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	3	TCP 10.8.0.1:33233 <-> 74.125.136.141:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: DPI][DPI packets: 6][cat: Web/5][11 pkts/1910 bytes <-> 11 pkts/969 bytes][Goodput ratio: 68/39][2.27 sec][bytes ratio: 0.327 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 283/283 2052/2000 670/650][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 174/88 590/292 163/75][Risk: ** TLS (probably) Not Carrying HTTPS **** Missing SNI TLS Extn **** Probing attempt **][Risk Score: 110][Risk Info: No ALPN / SNI should always be present / TLS/QUIC Probing][TLSv1.2][JA3C: 36e9ceaa96dd810482573844f78a063f][JA4: t12d220300_5fd681855ab9_1ea9011b3dfa][JA3S: fbe78c619e7ea20046131294ad087f05][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 12,12,0,0,12,12,0,25,12,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]