tests/result/line.pcap.out


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39

Guessed flow protos:	2

DPI Packets (TCP):	13	(6.50 pkts/flow)
DPI Packets (UDP):	35	(17.50 pkts/flow)
Confidence Unknown          : 2 (flows)
Confidence DPI              : 2 (flows)
Num dissector calls: 497 (124.25 diss/flow)
LRU cache ookla:      0/0/0 (insert/search/found)
LRU cache bittorrent: 0/6/0 (insert/search/found)
LRU cache zoom:       0/0/0 (insert/search/found)
LRU cache stun:       0/0/0 (insert/search/found)
LRU cache tls_cert:   0/0/0 (insert/search/found)
LRU cache mining:     0/2/0 (insert/search/found)
LRU cache msteams:    0/0/0 (insert/search/found)
Automa host:          1/1 (search/found)
Automa domain:        1/0 (search/found)
Automa tls cert:      0/0 (search/found)
Automa risk mask:     1/0 (search/found)
Automa common alpns:  0/0 (search/found)
Patricia risk mask:   8/0 (search/found)
Patricia risk:        0/0 (search/found)
Patricia protocols:   8/6 (search/found)

Unknown	24415	20278902	2
TLS	71	8307	1
Line	37	9480	1

JA3 Host Stats: 
		 IP Address                  	 # JA3C     
	1	 10.200.3.125             	 1      


	1	TCP 10.200.3.125:58160 <-> 147.92.242.232:443 [proto: 91.315/TLS.Line][IP: 315/Line][Encrypted][Confidence: DPI][cat: Chat/9][16 pkts/4057 bytes <-> 21 pkts/5423 bytes][Goodput ratio: 78/78][70.05 sec][Hostname/SNI: uts-front.line-apps.com][bytes ratio: -0.144 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/0 5755/2607 29999/29999 11001/7538][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 254/258 627/1514 230/419][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: ca75ea4a95a9164cc96e372d7d075183][ServerNames: *.line-apps.com,line-apps.com][JA3S: 567bb420d39046dbfd1f68b558d86382][Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign RSA OV SSL CA 2018][Subject: C=JP, ST=Tokyo-to, L=Shinjuku-ku, O=LINE Corporation, CN=*.line-apps.com][Certificate SHA-1: 3C:37:D7:AB:BE:E6:5A:A5:BE:14:62:C8:21:8C:BC:E3:3E:A8:3E:96][Firefox][Validity: 2020-08-17 06:21:02 - 2022-11-13 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 5,15,5,0,0,15,0,0,5,15,5,0,0,0,0,0,10,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0]
	2	TCP 10.200.3.125:57841 <-> 147.92.165.194:443 [proto: 91/TLS][IP: 315/Line][Encrypted][Confidence: DPI][cat: Web/5][30 pkts/3436 bytes <-> 41 pkts/4871 bytes][Goodput ratio: 53/51][85.95 sec][bytes ratio: -0.173 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 34/0 1072/694 14545/14632 3030/2503][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 115/119 350/388 54/101][Plen Bins: 0,52,10,15,0,5,2,0,5,5,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]


Undetected flows:
	1	UDP 10.200.3.125:51161 <-> 147.92.169.90:29070 [proto: 0/Unknown][IP: 315/Line][ClearText][Confidence: Unknown][11410 pkts/9936925 bytes <-> 12995 pkts/10340033 bytes][Goodput ratio: 95/95][70.07 sec][bytes ratio: -0.020 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/4 225/7269 8/71][Pkt Len c2s/s2c min/avg/max/stddev: 62/62 871/796 1098/1096 304/374][Plen Bins: 1,16,14,21,1,1,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,5,19,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	2	UDP 10.200.3.125:51170 <-> 147.92.169.90:29070 [proto: 0/Unknown][IP: 315/Line][ClearText][Confidence: Unknown][5 pkts/898 bytes <-> 5 pkts/1046 bytes][Goodput ratio: 77/80][8.07 sec][bytes ratio: -0.076 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1999/1999 2009/2009 2038/2037 17/16][Pkt Len c2s/s2c min/avg/max/stddev: 174/198 180/209 202/254 11/22][Plen Bins: 0,0,0,0,80,10,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]