aboutsummaryrefslogtreecommitdiff
path: root/tests/cfgs/default/result/googledns_android10.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'tests/cfgs/default/result/googledns_android10.pcap.out')
-rw-r--r--tests/cfgs/default/result/googledns_android10.pcap.out16
1 files changed, 8 insertions, 8 deletions
diff --git a/tests/cfgs/default/result/googledns_android10.pcap.out b/tests/cfgs/default/result/googledns_android10.pcap.out
index c0c0823eb..c1fa6ed74 100644
--- a/tests/cfgs/default/result/googledns_android10.pcap.out
+++ b/tests/cfgs/default/result/googledns_android10.pcap.out
@@ -33,11 +33,11 @@ JA3 Host Stats:
1 192.168.1.159 2
- 1 TCP 192.168.1.159:48210 <-> 8.8.4.4:853 [proto: 91.196/TLS.DoH_DoT][IP: 126/Google][Encrypted][Confidence: DPI][DPI packets: 7][cat: Network/14][121 pkts/19065 bytes <-> 120 pkts/45726 bytes][Goodput ratio: 58/83][72.27 sec][Hostname/SNI: dns.google][bytes ratio: -0.411 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 711/474 15173/5940 1940/1160][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 158/381 384/1484 93/280][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: 2c776785ee603cc85d37df996bb90cc8][JA4: t12d150700_0707305c9f76_0f3b2bcde21d][ServerNames: dns.google,*.dns.google.com,8888.google,dns.google.com,dns64.dns.google,2001:4860:4860::64,2001:4860:4860::6464,2001:4860:4860::8844,2001:4860:4860::8888,8.8.4.4,8.8.8.8][JA3S: b44baa8a20901c5663b3a9664ba8a767][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=dns.google][Certificate SHA-1: 5B:59:09:FC:7D:50:E6:F7:D1:08:8E:57:42:A2:D8:AE:1F:03:FF:EC][Safari][Validity: 2020-05-26 15:20:02 - 2020-08-18 15:20:02][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,42,0,0,0,0,5,0,0,0,0,0,51,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0]
- 2 TCP 192.168.1.159:48098 <-> 8.8.4.4:853 [proto: 91.196/TLS.DoH_DoT][IP: 126/Google][Encrypted][Confidence: DPI][DPI packets: 6][cat: Network/14][68 pkts/9706 bytes <-> 65 pkts/18916 bytes][Goodput ratio: 54/77][117.95 sec][Hostname/SNI: dns.google][bytes ratio: -0.322 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2097/1988 15177/15193 3804/3968][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 143/291 583/565 94/247][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: b734f75d22aaff9866fbd5d27eef9106][JA4: t12d150800_0707305c9f76_120e542614af][JA3S: 1249fb68f48c0444718e4d3b48b27188][Safari][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 1,1,0,0,49,0,0,0,0,0,0,0,0,0,0,47,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 3 TCP 192.168.1.159:48048 <-> 8.8.4.4:853 [proto: 91.196/TLS.DoH_DoT][IP: 126/Google][Encrypted][Confidence: DPI][DPI packets: 7][cat: Network/14][52 pkts/7375 bytes <-> 52 pkts/20720 bytes][Goodput ratio: 53/83][41.01 sec][Hostname/SNI: dns.google][bytes ratio: -0.475 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 882/623 15271/15287 2537/2442][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142/398 384/1484 84/406][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: 2c776785ee603cc85d37df996bb90cc8][JA4: t12d150700_0707305c9f76_0f3b2bcde21d][ServerNames: dns.google,*.dns.google.com,8888.google,dns.google.com,dns64.dns.google,2001:4860:4860::64,2001:4860:4860::6464,2001:4860:4860::8844,2001:4860:4860::8888,8.8.4.4,8.8.8.8][JA3S: b44baa8a20901c5663b3a9664ba8a767][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=dns.google][Certificate SHA-1: 5B:59:09:FC:7D:50:E6:F7:D1:08:8E:57:42:A2:D8:AE:1F:03:FF:EC][Safari][Validity: 2020-05-26 15:20:02 - 2020-08-18 15:20:02][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 1,0,1,0,44,0,0,1,0,3,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,3,0,0,0]
- 4 TCP 192.168.1.159:48044 <-> 8.8.4.4:853 [proto: 91.196/TLS.DoH_DoT][IP: 126/Google][Encrypted][Confidence: DPI][DPI packets: 7][cat: Network/14][11 pkts/1097 bytes <-> 10 pkts/4148 bytes][Goodput ratio: 33/84][0.12 sec][Hostname/SNI: dns.google][bytes ratio: -0.582 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/9 34/19 13/8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 100/415 220/1484 51/544][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: 2c776785ee603cc85d37df996bb90cc8][JA4: t12d150700_0707305c9f76_0f3b2bcde21d][ServerNames: dns.google,*.dns.google.com,8888.google,dns.google.com,dns64.dns.google,2001:4860:4860::64,2001:4860:4860::6464,2001:4860:4860::8844,2001:4860:4860::8888,8.8.4.4,8.8.8.8][JA3S: b44baa8a20901c5663b3a9664ba8a767][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=dns.google][Certificate SHA-1: 5B:59:09:FC:7D:50:E6:F7:D1:08:8E:57:42:A2:D8:AE:1F:03:FF:EC][Safari][Validity: 2020-05-26 15:20:02 - 2020-08-18 15:20:02][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 11,0,22,11,11,0,0,11,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0,0]
- 5 TCP 192.168.1.159:56024 <-> 8.8.8.8:853 [proto: 91.196/TLS.DoH_DoT][IP: 126/Google][Encrypted][Confidence: DPI][DPI packets: 7][cat: Network/14][11 pkts/1097 bytes <-> 10 pkts/4148 bytes][Goodput ratio: 33/84][0.14 sec][Hostname/SNI: dns.google][bytes ratio: -0.582 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/12 46/31 17/11][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 100/415 220/1484 51/544][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: 2c776785ee603cc85d37df996bb90cc8][JA4: t12d150700_0707305c9f76_0f3b2bcde21d][ServerNames: dns.google,*.dns.google.com,8888.google,dns.google.com,dns64.dns.google,2001:4860:4860::64,2001:4860:4860::6464,2001:4860:4860::8844,2001:4860:4860::8888,8.8.4.4,8.8.8.8][JA3S: b44baa8a20901c5663b3a9664ba8a767][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=dns.google][Certificate SHA-1: 5B:59:09:FC:7D:50:E6:F7:D1:08:8E:57:42:A2:D8:AE:1F:03:FF:EC][Safari][Validity: 2020-05-26 15:20:02 - 2020-08-18 15:20:02][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 11,0,22,11,11,0,0,11,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0,0]
- 6 ICMP 192.168.1.159:0 <-> 8.8.8.8:0 [proto: 81/ICMP][IP: 126/Google][ClearText][Confidence: DPI][DPI packets: 1][cat: Network/14][2 pkts/196 bytes <-> 2 pkts/196 bytes][Goodput ratio: 57/57][0.99 sec][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: No server to client traffic / Entropy: 5.298 (Executable?)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 7 TCP 8.8.8.8:853 <-> 192.168.1.159:55856 [proto: 196/DoH_DoT][IP: 126/Google][Encrypted][Confidence: Match by port][DPI packets: 6][cat: Network/14][5 pkts/330 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0/0][1.80 sec][bytes ratio: 0.719 (Upload)][IAT c2s/s2c min/avg/max/stddev: 223/0 449/0 911/0 281/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 66/54 66/54 0/0][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 8 TCP 8.8.4.4:853 <-> 192.168.1.159:47968 [proto: 196/DoH_DoT][IP: 126/Google][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Network/14][1 pkts/66 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0/0][0.09 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 TCP 192.168.1.159:48210 <-> 8.8.4.4:853 [proto: 91.196/TLS.DoH_DoT][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 7][cat: Network/14][121 pkts/19065 bytes <-> 120 pkts/45726 bytes][Goodput ratio: 58/83][72.27 sec][Hostname/SNI: dns.google][bytes ratio: -0.411 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 711/474 15173/5940 1940/1160][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 158/381 384/1484 93/280][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: 2c776785ee603cc85d37df996bb90cc8][JA4: t12d150700_0707305c9f76_0f3b2bcde21d][ServerNames: dns.google,*.dns.google.com,8888.google,dns.google.com,dns64.dns.google,2001:4860:4860::64,2001:4860:4860::6464,2001:4860:4860::8844,2001:4860:4860::8888,8.8.4.4,8.8.8.8][JA3S: b44baa8a20901c5663b3a9664ba8a767][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=dns.google][Certificate SHA-1: 5B:59:09:FC:7D:50:E6:F7:D1:08:8E:57:42:A2:D8:AE:1F:03:FF:EC][Safari][Validity: 2020-05-26 15:20:02 - 2020-08-18 15:20:02][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,0,0,0,42,0,0,0,0,5,0,0,0,0,0,51,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0]
+ 2 TCP 192.168.1.159:48098 <-> 8.8.4.4:853 [proto: 91.196/TLS.DoH_DoT][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 6][cat: Network/14][68 pkts/9706 bytes <-> 65 pkts/18916 bytes][Goodput ratio: 54/77][117.95 sec][Hostname/SNI: dns.google][bytes ratio: -0.322 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2097/1988 15177/15193 3804/3968][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 143/291 583/565 94/247][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: b734f75d22aaff9866fbd5d27eef9106][JA4: t12d150800_0707305c9f76_120e542614af][JA3S: 1249fb68f48c0444718e4d3b48b27188][Safari][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 1,1,0,0,49,0,0,0,0,0,0,0,0,0,0,47,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 3 TCP 192.168.1.159:48048 <-> 8.8.4.4:853 [proto: 91.196/TLS.DoH_DoT][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 7][cat: Network/14][52 pkts/7375 bytes <-> 52 pkts/20720 bytes][Goodput ratio: 53/83][41.01 sec][Hostname/SNI: dns.google][bytes ratio: -0.475 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 882/623 15271/15287 2537/2442][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 142/398 384/1484 84/406][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: 2c776785ee603cc85d37df996bb90cc8][JA4: t12d150700_0707305c9f76_0f3b2bcde21d][ServerNames: dns.google,*.dns.google.com,8888.google,dns.google.com,dns64.dns.google,2001:4860:4860::64,2001:4860:4860::6464,2001:4860:4860::8844,2001:4860:4860::8888,8.8.4.4,8.8.8.8][JA3S: b44baa8a20901c5663b3a9664ba8a767][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=dns.google][Certificate SHA-1: 5B:59:09:FC:7D:50:E6:F7:D1:08:8E:57:42:A2:D8:AE:1F:03:FF:EC][Safari][Validity: 2020-05-26 15:20:02 - 2020-08-18 15:20:02][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 1,0,1,0,44,0,0,1,0,3,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,3,0,0,0]
+ 4 TCP 192.168.1.159:48044 <-> 8.8.4.4:853 [proto: 91.196/TLS.DoH_DoT][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 7][cat: Network/14][11 pkts/1097 bytes <-> 10 pkts/4148 bytes][Goodput ratio: 33/84][0.12 sec][Hostname/SNI: dns.google][bytes ratio: -0.582 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/9 34/19 13/8][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 100/415 220/1484 51/544][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: 2c776785ee603cc85d37df996bb90cc8][JA4: t12d150700_0707305c9f76_0f3b2bcde21d][ServerNames: dns.google,*.dns.google.com,8888.google,dns.google.com,dns64.dns.google,2001:4860:4860::64,2001:4860:4860::6464,2001:4860:4860::8844,2001:4860:4860::8888,8.8.4.4,8.8.8.8][JA3S: b44baa8a20901c5663b3a9664ba8a767][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=dns.google][Certificate SHA-1: 5B:59:09:FC:7D:50:E6:F7:D1:08:8E:57:42:A2:D8:AE:1F:03:FF:EC][Safari][Validity: 2020-05-26 15:20:02 - 2020-08-18 15:20:02][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 11,0,22,11,11,0,0,11,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0,0]
+ 5 TCP 192.168.1.159:56024 <-> 8.8.8.8:853 [proto: 91.196/TLS.DoH_DoT][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 7][cat: Network/14][11 pkts/1097 bytes <-> 10 pkts/4148 bytes][Goodput ratio: 33/84][0.14 sec][Hostname/SNI: dns.google][bytes ratio: -0.582 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/12 46/31 17/11][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 100/415 220/1484 51/544][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: 2c776785ee603cc85d37df996bb90cc8][JA4: t12d150700_0707305c9f76_0f3b2bcde21d][ServerNames: dns.google,*.dns.google.com,8888.google,dns.google.com,dns64.dns.google,2001:4860:4860::64,2001:4860:4860::6464,2001:4860:4860::8844,2001:4860:4860::8888,8.8.4.4,8.8.8.8][JA3S: b44baa8a20901c5663b3a9664ba8a767][Issuer: C=US, O=Google Trust Services, CN=GTS CA 1O1][Subject: C=US, ST=California, L=Mountain View, O=Google LLC, CN=dns.google][Certificate SHA-1: 5B:59:09:FC:7D:50:E6:F7:D1:08:8E:57:42:A2:D8:AE:1F:03:FF:EC][Safari][Validity: 2020-05-26 15:20:02 - 2020-08-18 15:20:02][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 11,0,22,11,11,0,0,11,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0,0]
+ 6 ICMP 192.168.1.159:0 <-> 8.8.8.8:0 [proto: 81/ICMP][IP: 126/Google][ClearText][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 1][cat: Network/14][2 pkts/196 bytes <-> 2 pkts/196 bytes][Goodput ratio: 57/57][0.99 sec][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: No server to client traffic / Entropy: 5.298 (Executable?)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 7 TCP 8.8.8.8:853 <-> 192.168.1.159:55856 [proto: 196/DoH_DoT][IP: 126/Google][Encrypted][Confidence: Match by port][FPC: 126/Google, Confidence: IP address][DPI packets: 6][cat: Network/14][5 pkts/330 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0/0][1.80 sec][bytes ratio: 0.719 (Upload)][IAT c2s/s2c min/avg/max/stddev: 223/0 449/0 911/0 281/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 66/54 66/54 0/0][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 8 TCP 8.8.4.4:853 <-> 192.168.1.159:47968 [proto: 196/DoH_DoT][IP: 126/Google][Encrypted][Confidence: Match by port][FPC: 126/Google, Confidence: IP address][DPI packets: 2][cat: Network/14][1 pkts/66 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0/0][0.09 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Powered by cgit, Themed by Ted Yin.