Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Additional host names for classification of TikTok and Tesla #2140

Closed
TxS-7 opened this issue Nov 9, 2023 · 0 comments
Closed

Additional host names for classification of TikTok and Tesla #2140

TxS-7 opened this issue Nov 9, 2023 · 0 comments
Labels
enhancement

Comments

@TxS-7
Copy link

TxS-7 commented Nov 9, 2023

Hello,

I've been running nDPI in a network to classify the traffic and I came across the following host names which could not be classified as TikTok and where classified as TLS instead:

*.tiktokcdn-eu.com:

  • v39.tiktokcdn-eu.com
  • v19.tiktokcdn-eu.com
  • v45.tiktokcdn-eu.com
  • v77.tiktokcdn-eu.com
  • v58.tiktokcdn-eu.com
  • v16m.tiktokcdn-eu.com
  • v45-p.tiktokcdn-eu.com

*.tiktokv.us

  • log16-normal-useast5.tiktokv.us
  • tnc16-normal-useast5.tiktokv.us
  • api16-normal-useast5.tiktokv.us
  • mon16-normal-useast5.tiktokv.us
  • location-v6.tiktokv.us
  • pitaya.tiktokv.us
  • bsync.tiktokv.us
  • api16-core-useast5.tiktokv.us
  • vcs16-normal-useast5.tiktokv.us
  • location-v6-ttp2.tiktokv.us
  • hotapi16-normal-useast5.tiktokv.us
  • mssdk16-normal-useast5.tiktokv.us
  • webcast16-normal-useast5.tiktokv.us
  • rtlog16-normal-useast5.tiktokv.us
  • pitaya-task.tiktokv.us

*.tiktokv.eu

  • tnc16-normal-ie.tiktokv.eu
  • api16-normal-ie.tiktokv.eu

*.ibyteimg.com

  • p16-tiktok-dm-sticker-sign-va.ibyteimg.com
  • p16-tiktok-dm-sticker-sign-sg.ibyteimg.com
  • p16-tiktok-dm-sticker-euttp-sign-useast2a.ibyteimg.com
  • p16-tiktokyoyo-va.ibyteimg.com
  • p16-tiktok-dm-sticker-sign-useast2a.ibyteimg.com

Would it be possible to add the following host names as TikTok?

I also found that some Tesla hostnames are quite common but are classified as TLS (or AWS using the IP). Specifically, I see many occurences of *.tesla.services host names. Below are some of the most common full host names that are related to Tesla:

  • api-prd.vn.tesla.services
  • daws.tesla.services
  • maps-eu-prd.go.tesla.services
  • hermes-prd.vn.tesla.services
  • api.mp.tesla.services
  • telemetry-prd.ap.tesla.services
  • telemetry-prd.vn.tesla.services
  • x1.ap.tesla.services
  • hermes-prd.ap.tesla.services
  • tesla-hermes-snapshot-eu.s3.ap.tesla.services
  • logupload-prod.vn.tesla.services
  • hermes-sx-prd.vn.tesla.services
  • supercharger-logdrop-prd.sn.tesla.services
  • hermes-prd.sn.tesla.services
  • digitalassets.tesla.com
  • str204-prd.vn.tesla.services
  • str203-prd.vn.tesla.services
  • str202-prd.vn.tesla.services
  • str201-prd.vn.tesla.services

Could you consider perhaps adding a new Tesla protocol ID for the above host name pattern?

Thank you.
utoni added a commit to utoni/nDPI that referenced this issue Nov 10, 2023
@utoni
Added TeslaServices and improved TikTok host names. Fixes ntop#2140.
50d6b69 
Signed-off-by: Toni Uhlig <[email protected]>
utoni added a commit to utoni/nDPI that referenced this issue Nov 10, 2023
@utoni
Added TeslaServices and improved TikTok host names. Fixes ntop#2140.
b360b1c 
Signed-off-by: Toni Uhlig <[email protected]>
@utoni utoni closed this as completed in 38f9a74 Nov 10, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@TxS-7