DPI error 19006: googleapis.com - Failure to pass SafetyNet validation.

Video record is here

and. The SSL / TLS inspection log shows no sign.

Video time is 23:18. The last log timestamp is 23:17.

When using proxy mode, you can see the checkbox for HTTPS decryption is unchecked.
When using DPI mode, the HTTPS inspection is controlled by the rules in the SSL/TLS inspection rules tab.
I don't know what safetynet uses, but can you temporarily disable all scanning rules (or put in a high level Do Not Decrypt rule in) and try again.
I just want to make sure you are doing an apples-to-apples comparison.

I am surprised that in all of that, the TLS log for that IP only shows one thing and for an unrelated domain.
That's why I am asking to test with making sure all traffic is Do Not Decrypt.

When using proxy mode, you can see the checkbox for HTTPS decryption is unchecked.
When using DPI mode, the HTTPS inspection is controlled by the rules in the SSL/TLS inspection rules tab.
I don't know what safetynet uses, but can you temporarily disable all scanning rules (or put in a high level Do Not Decrypt rule in) and try again.
I just want to make sure you are doing an apples-to-apples comparison.

I am surprised that in all of that, the TLS log for that IP only shows one thing and for an unrelated domain.
That's why I am asking to test with making sure all traffic is Do Not Decrypt.

Okay. I will try again.

Thanks.

SSL/TLS Inspection rules and error log is here.

I could not find the log file path in the CLI. Let me know and I'll check.

Thanks for the access.  Moving to PM and asking to reproduce with additional logging on.