aboutsummaryrefslogtreecommitdiff
path: root/tests/cfgs/default/result/alexa-app.pcapng.out
diff options
context:
space:
mode:
Diffstat (limited to 'tests/cfgs/default/result/alexa-app.pcapng.out')
-rw-r--r--tests/cfgs/default/result/alexa-app.pcapng.out2
1 files changed, 1 insertions, 1 deletions
diff --git a/tests/cfgs/default/result/alexa-app.pcapng.out b/tests/cfgs/default/result/alexa-app.pcapng.out
index 71d5be307..fc797951a 100644
--- a/tests/cfgs/default/result/alexa-app.pcapng.out
+++ b/tests/cfgs/default/result/alexa-app.pcapng.out
@@ -144,7 +144,7 @@ JA3 Host Stats:
95 TCP 172.16.42.216:49572 <-> 52.94.232.134:80 [proto: 7.110/HTTP.AmazonAlexa][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 6][cat: VirtAssistant/32][6 pkts/1152 bytes <-> 4 pkts/1582 bytes][Goodput ratio: 70/85][1.16 sec][Hostname/SNI: alexa.amazon.com][bytes ratio: -0.157 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/15 232/42 901/70 336/28][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 192/396 862/1400 300/580][URL: alexa.amazon.com/manifest/pitangui.appcache][StatusCode: 200][Content-Type: text/cache-manifest][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /manifest/pitangui.appcache)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0]
96 TCP 172.16.42.216:49606 <-> 52.94.232.134:80 [proto: 7.110/HTTP.AmazonAlexa][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: VirtAssistant/32][6 pkts/1124 bytes <-> 4 pkts/1582 bytes][Goodput ratio: 69/85][4.72 sec][Hostname/SNI: alexa.amazon.com][bytes ratio: -0.169 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/17 943/66 4438/116 1748/50][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 187/396 834/1400 289/580][URL: alexa.amazon.com/manifest/pitangui.appcache][StatusCode: 200][Content-Type: text/cache-manifest][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /manifest/pitangui.appcache)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0]
97 TCP 172.16.42.216:49613 <-> 52.94.232.134:80 [proto: 7.110/HTTP.AmazonAlexa][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 6][cat: VirtAssistant/32][6 pkts/1124 bytes <-> 4 pkts/1582 bytes][Goodput ratio: 69/85][1.39 sec][Hostname/SNI: alexa.amazon.com][bytes ratio: -0.169 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/19 277/41 1181/63 453/22][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 187/396 834/1400 289/580][URL: alexa.amazon.com/manifest/pitangui.appcache][StatusCode: 200][Content-Type: text/cache-manifest][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /manifest/pitangui.appcache)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0]
- 98 TCP 172.16.42.216:42878 <-> 173.194.223.188:5228 [proto: 91.239/TLS.GoogleServices][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 239/GoogleServices, Confidence: DNS][DPI packets: 6][cat: Web/5][8 pkts/1484 bytes <-> 9 pkts/1103 bytes][Goodput ratio: 63/45][0.44 sec][Hostname/SNI: mtalk.google.com][bytes ratio: 0.147 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 46/36 119/119 39/43][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 186/123 583/205 193/57][Risk: ** Known Proto on Non Std Port **** TLS (probably) Not Carrying HTTPS **][Risk Score: 60][Risk Info: No ALPN][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA3C: a5a59633017c3d696d2c69350e5fc004][JA4: t12d200900_93851ff8129a_f88f2b2eb673][JA3S: 9b1466fd60cadccb848e09c86e284265][Safari][Cipher: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256][Plen Bins: 12,12,0,38,12,0,0,0,0,0,0,12,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 98 TCP 172.16.42.216:42878 <-> 173.194.223.188:5228 [proto: 91.239/TLS.GoogleServices][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 239/GoogleServices, Confidence: DNS][DPI packets: 6][cat: Web/5][8 pkts/1484 bytes <-> 9 pkts/1103 bytes][Goodput ratio: 63/45][0.44 sec][Hostname/SNI: mtalk.google.com][bytes ratio: 0.147 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 46/36 119/119 39/43][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 186/123 583/205 193/57][Risk: ** Known Proto on Non Std Port **** TLS (probably) Not Carrying HTTPS **][Risk Score: 60][Risk Info: No ALPN / Expected on port 443][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA3C: a5a59633017c3d696d2c69350e5fc004][JA4: t12d200900_93851ff8129a_f88f2b2eb673][JA3S: 9b1466fd60cadccb848e09c86e284265][Safari][Cipher: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256][Plen Bins: 12,12,0,38,12,0,0,0,0,0,0,12,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
99 TCP 172.16.42.216:58048 <-> 54.239.28.178:443 [proto: 91/TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 6][cat: Web/5][10 pkts/1320 bytes <-> 9 pkts/1259 bytes][Goodput ratio: 58/58][0.27 sec][bytes ratio: 0.024 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/23 69/70 31/32][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 132/140 544/651 147/183][Risk: ** Obsolete TLS (v1.1 or older) **** Weak TLS Cipher **][Risk Score: 200][Risk Info: TLSv1 / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1][JA3C: f8f5b71e02603b283e55b50d17ede861][JA4: t10d140200_37d7d24289bf_33a13ba74d1c][JA3S: 18e962e106761869a61045bed0e81c2c (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,42,14,0,0,14,0,0,0,0,0,0,0,0,0,14,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
100 TCP 172.16.42.216:49630 <-> 52.94.232.134:80 [proto: 7.110/HTTP.AmazonAlexa][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 110/AmazonAlexa, Confidence: DNS][DPI packets: 6][cat: VirtAssistant/32][6 pkts/1340 bytes <-> 4 pkts/419 bytes][Goodput ratio: 74/44][5.51 sec][Hostname/SNI: alexa.amazon.com][bytes ratio: 0.524 (Upload)][IAT c2s/s2c min/avg/max/stddev: 23/0 1100/138 4406/275 1672/138][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 223/105 1050/237 370/76][URL: alexa.amazon.com/lib/bootstrap/img/glyphicons-halflings.png][StatusCode: 404][User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; LGLS751 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36 PitanguiBridge/1.16.4.5-[MANUFACTURER=LGE][RELEASE=5.1.1][BRAND=lge][SDK=22][MODEL=LGLS751]][Risk: ** Error Code **][Risk Score: 10][Risk Info: HTTP Error Code 404][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][PLAIN TEXT (GET /lib/bootstrap/im)][Plen Bins: 0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
101 TCP 172.16.42.216:45697 <-> 52.94.232.134:443 [proto: 91.178/TLS.Amazon][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 178/Amazon, Confidence: DNS][DPI packets: 6][cat: Web/5][9 pkts/1043 bytes <-> 5 pkts/428 bytes][Goodput ratio: 51/32][4.57 sec][Hostname/SNI: pitangui.amazon.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 0.418 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 68/182 298/364 98/182][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 116/86 293/139 96/32][Risk: ** Weak TLS Cipher **** Malicious Fingerpint **][Risk Score: 150][Risk Info: d551fafc4f40f1dec2bb45980bfa9492 / Cipher TLS_RSA_WITH_AES_128_CBC_SHA][TCP Fingerprint: 2_64_65535_41a9d5af7dd3/Android][TLSv1.2][JA3C: d551fafc4f40f1dec2bb45980bfa9492][JA4: t12d1510h2_f0daf39aad75_e69ac49eb88f][JA3S: 18e962e106761869a61045bed0e81c2c (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,40,20,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Powered by cgit, Themed by Ted Yin.