aboutsummaryrefslogtreecommitdiff
path: root/tests/result/waze.pcap.out
diff options
context:
space:
mode:
authorLuca <deri@ntop.org>2019-10-31 00:14:20 +0100
committerLuca <deri@ntop.org>2019-10-31 00:14:20 +0100
commit4802987178a0a49ea5ff4a01e92a35b5517734dc (patch)
tree90577a9664c56338c4f71b1ec303bc1d2b39c1d2 /tests/result/waze.pcap.out
parentaf01e61c89a66630fdc76e5059c0a348226e6f40 (diff)
Initial work towards HTTP content-type export
Diffstat (limited to 'tests/result/waze.pcap.out')
-rw-r--r--tests/result/waze.pcap.out16
1 files changed, 8 insertions, 8 deletions
diff --git a/tests/result/waze.pcap.out b/tests/result/waze.pcap.out
index a53a25046..b30d22f96 100644
--- a/tests/result/waze.pcap.out
+++ b/tests/result/waze.pcap.out
@@ -12,7 +12,7 @@ JA3 Host Stats:
1 TCP 10.8.0.1:36100 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: Web/5][52 pkts/10860 bytes <-> 55 pkts/74852 bytes][bytes ratio: -0.747 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 287.7/329.3 3806/5018 686.4/819.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 208.8/1360.9 590/17258 183.0/3378.1][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2002-05-21 04:00:00 - 2018-08-21 04:00:00][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA]
- 2 TCP 10.8.0.1:54915 <-> 65.39.128.135:80 [proto: 7/HTTP][cat: Web/5][19 pkts/1309 bytes <-> 18 pkts/61896 bytes][Host: xtra1.gpsonextra.net][bytes ratio: -0.959 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 320.7/372.6 3680/3677 903.4/959.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 68.9/3438.7 317/11833 58.6/3467.6][URL: xtra1.gpsonextra.net/xtra2.bin][StatusCode: 200][PLAIN TEXT (GET /xtra)]
+ 2 TCP 10.8.0.1:54915 <-> 65.39.128.135:80 [proto: 7/HTTP][cat: Web/5][19 pkts/1309 bytes <-> 18 pkts/61896 bytes][Host: xtra1.gpsonextra.net][bytes ratio: -0.959 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 320.7/372.6 3680/3677 903.4/959.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 68.9/3438.7 317/11833 58.6/3467.6][URL: xtra1.gpsonextra.net/xtra2.bin][StatusCode: 200][ContentType: application/octet-stream][UserAgent: Android][PLAIN TEXT (GET /xtra)]
3 TCP 10.8.0.1:39021 <-> 52.17.114.219:443 [proto: 91.135/TLS.Waze][cat: Web/5][17 pkts/1962 bytes <-> 16 pkts/56934 bytes][bytes ratio: -0.933 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 155.3/188.5 387/415 136.9/130.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 115.4/3558.4 590/21942 132.3/6124.9][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2013-04-05 15:15:55 - 2016-12-31 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
4 TCP 10.8.0.1:36312 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][cat: Web/5][17 pkts/2176 bytes <-> 15 pkts/42443 bytes][bytes ratio: -0.902 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 217.8/125.8 1449/293 382.9/116.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 128.0/2829.5 590/11186 147.3/3901.4][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
5 TCP 10.8.0.1:36316 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][cat: Web/5][15 pkts/1540 bytes <-> 13 pkts/26346 bytes][bytes ratio: -0.890 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 237.2/155.3 1289/609 358.5/182.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 102.7/2026.6 411/8150 98.2/2611.7][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2002-05-21 04:00:00 - 2018-08-21 04:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
@@ -24,15 +24,15 @@ JA3 Host Stats:
11 TCP 10.8.0.1:36137 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: Web/5][12 pkts/1522 bytes <-> 11 pkts/4220 bytes][bytes ratio: -0.470 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 195.8/194.7 883/537 285.6/190.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 126.8/383.6 380/2189 106.9/639.7][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA]
12 TCP 10.8.0.1:36314 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][cat: Web/5][11 pkts/1260 bytes <-> 9 pkts/4413 bytes][bytes ratio: -0.556 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 335.4/261.1 1332/645 428.4/235.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 114.5/490.3 347/2533 94.6/785.4][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Organization: Google Inc][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Validity: 2014-11-06 16:09:20 - 2015-11-06 16:09:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
13 TCP 10.8.0.1:51050 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][cat: Web/5][9 pkts/1184 bytes <-> 9 pkts/4369 bytes][bytes ratio: -0.574 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 300.3/341.3 1397/1346 459.1/420.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 131.6/485.4 379/2165 107.7/725.4][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Organization: Google Inc][Certificate SHA-1: A9:35:F0:16:17:A3:FD:73:EC:0C:03:24:F8:34:5A:8A:B3:D7:8D:57][Validity: 2013-04-05 15:15:55 - 2016-12-31 23:59:59][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
- 14 TCP 10.8.0.1:45529 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][9 pkts/591 bytes <-> 8 pkts/3424 bytes][Host: roadshields.waze.com][bytes ratio: -0.706 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/3 75.0/104.8 261/274 88.5/91.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 65.7/428.0 137/1678 26.0/650.9][URL: roadshields.waze.com/images/HD/CH2.png][StatusCode: 200][PLAIN TEXT (GET /images/HD/CH)]
+ 14 TCP 10.8.0.1:45529 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][9 pkts/591 bytes <-> 8 pkts/3424 bytes][Host: roadshields.waze.com][bytes ratio: -0.706 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/3 75.0/104.8 261/274 88.5/91.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 65.7/428.0 137/1678 26.0/650.9][URL: roadshields.waze.com/images/HD/CH2.png][StatusCode: 200][ContentType: image/png][UserAgent: /3.9.4.0][PLAIN TEXT (GET /images/HD/CH)]
15 TCP 10.8.0.1:36585 <-> 173.194.118.48:443 [proto: 91.126/TLS.Google][cat: Web/5][7 pkts/1137 bytes <-> 6 pkts/1005 bytes][bytes ratio: 0.062 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/2 32.2/74.5 53/188 24.3/68.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 162.4/167.5 572/602 176.8/200.3][TLSv1][JA3C: f8f5b71e02603b283e55b50d17ede861][JA3S: 23f1f6e2f0015c166df49fdab4280370 (INSECURE)][Cipher: TLS_ECDHE_RSA_WITH_RC4_128_SHA]
- 16 TCP 10.8.0.1:45536 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][8 pkts/594 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][bytes ratio: -0.130 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 22.7/28.7 134/84 49.8/39.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 74.2/110.1 194/447 45.7/137.5][URL: cres.waze.com/lang_asr/lang.portuguese_br_asr][StatusCode: 304][PLAIN TEXT (GET /lang)]
+ 16 TCP 10.8.0.1:45536 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][8 pkts/594 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][bytes ratio: -0.130 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 22.7/28.7 134/84 49.8/39.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 74.2/110.1 194/447 45.7/137.5][URL: cres.waze.com/lang_asr/lang.portuguese_br_asr][StatusCode: 304][ContentType: ][UserAgent: /3.9.4.0][PLAIN TEXT (GET /lang)]
17 TCP 10.8.0.1:50828 <-> 108.168.176.228:443 [proto: 142/WhatsApp][cat: Chat/9][8 pkts/673 bytes <-> 7 pkts/668 bytes][bytes ratio: 0.004 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/9 80.5/98.2 289/238 105.9/82.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 84.1/95.4 222/245 53.4/66.5][PLAIN TEXT (Android)]
- 18 TCP 10.8.0.1:45546 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/557 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][bytes ratio: -0.161 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 105.4/174.3 394/397 152.4/165.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79.6/110.1 211/447 54.1/137.5][URL: cres.waze.com/newVconfig/1.0/3/prompts_conf.buf?rtserver-id=15][StatusCode: 304][PLAIN TEXT (GET /newV)]
- 19 TCP 10.8.0.1:45538 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/555 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][bytes ratio: -0.163 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 42.2/69.7 177/177 68.5/77.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79.3/110.1 209/447 53.4/137.5][URL: cres.waze.com/lang_tts/lang.portuguese_br_tts?rtserver-id=15][StatusCode: 304][PLAIN TEXT (GET /lang)]
- 20 TCP 10.8.0.1:45552 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/552 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][bytes ratio: -0.166 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 34.4/56.3 169/168 67.3/79.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 78.9/110.1 206/447 52.3/137.5][URL: cres.waze.com/langs/1.0/lang.portuguese_br?rtserver-id=15][StatusCode: 304][PLAIN TEXT (GET /langs/1.0/lang.portuguese)]
- 21 TCP 10.8.0.1:45554 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/550 bytes <-> 7 pkts/769 bytes][Host: cres.waze.com][bytes ratio: -0.166 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 25.8/42.3 126/125 50.1/58.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 78.6/109.9 204/445 51.7/136.8][URL: cres.waze.com/newVconfig/1.0/3/lang.conf?rtserver-id=15][StatusCode: 304][PLAIN TEXT (GET /newV)]
- 22 TCP 10.8.0.1:45540 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/553 bytes <-> 7 pkts/733 bytes][Host: roadshields.waze.com][bytes ratio: -0.140 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 41.8/68.0 176/174 68.0/75.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79.0/104.7 207/409 52.7/124.2][URL: roadshields.waze.com/shields_conf_new_latam?rtserver-id=15][StatusCode: 304][PLAIN TEXT (GET /shields)]
+ 18 TCP 10.8.0.1:45546 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/557 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][bytes ratio: -0.161 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 105.4/174.3 394/397 152.4/165.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79.6/110.1 211/447 54.1/137.5][URL: cres.waze.com/newVconfig/1.0/3/prompts_conf.buf?rtserver-id=15][StatusCode: 304][ContentType: ][UserAgent: /3.9.4.0][PLAIN TEXT (GET /newV)]
+ 19 TCP 10.8.0.1:45538 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/555 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][bytes ratio: -0.163 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 42.2/69.7 177/177 68.5/77.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79.3/110.1 209/447 53.4/137.5][URL: cres.waze.com/lang_tts/lang.portuguese_br_tts?rtserver-id=15][StatusCode: 304][ContentType: ][UserAgent: /3.9.4.0][PLAIN TEXT (GET /lang)]
+ 20 TCP 10.8.0.1:45552 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/552 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][bytes ratio: -0.166 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 34.4/56.3 169/168 67.3/79.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 78.9/110.1 206/447 52.3/137.5][URL: cres.waze.com/langs/1.0/lang.portuguese_br?rtserver-id=15][StatusCode: 304][ContentType: ][UserAgent: /3.9.4.0][PLAIN TEXT (GET /langs/1.0/lang.portuguese)]
+ 21 TCP 10.8.0.1:45554 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/550 bytes <-> 7 pkts/769 bytes][Host: cres.waze.com][bytes ratio: -0.166 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 25.8/42.3 126/125 50.1/58.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 78.6/109.9 204/445 51.7/136.8][URL: cres.waze.com/newVconfig/1.0/3/lang.conf?rtserver-id=15][StatusCode: 304][ContentType: ][UserAgent: /3.9.4.0][PLAIN TEXT (GET /newV)]
+ 22 TCP 10.8.0.1:45540 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/553 bytes <-> 7 pkts/733 bytes][Host: roadshields.waze.com][bytes ratio: -0.140 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 41.8/68.0 176/174 68.0/75.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79.0/104.7 207/409 52.7/124.2][URL: roadshields.waze.com/shields_conf_new_latam?rtserver-id=15][StatusCode: 304][ContentType: ][UserAgent: /3.9.4.0][PLAIN TEXT (GET /shields)]
23 TCP 10.16.37.157:41823 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes]
24 TCP 10.16.37.157:43991 <-> 200.160.4.31:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes]
25 TCP 10.16.37.157:46473 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes]
Powered by cgit, Themed by Ted Yin.