diff options
Diffstat (limited to 'tests/cfgs/default/result/http_invalid_server.pcap.out')
| -rw-r--r-- | tests/cfgs/default/result/http_invalid_server.pcap.out | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/tests/cfgs/default/result/http_invalid_server.pcap.out b/tests/cfgs/default/result/http_invalid_server.pcap.out index 35f9b314b..cbb9bed86 100644 --- a/tests/cfgs/default/result/http_invalid_server.pcap.out +++ b/tests/cfgs/default/result/http_invalid_server.pcap.out @@ -1,6 +1,6 @@ DPI Packets (TCP): 6 (6.00 pkts/flow) Confidence DPI : 1 (flows) -Num dissector calls: 16 (16.00 diss/flow) +Num dissector calls: 13 (13.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache stun: 0/0/0 (insert/search/found) @@ -8,7 +8,7 @@ LRU cache tls_cert: 0/0/0 (insert/search/found) LRU cache mining: 0/0/0 (insert/search/found) LRU cache msteams: 0/0/0 (insert/search/found) LRU cache fpc_dns: 0/1/0 (insert/search/found) -Automa host: 1/0 (search/found) +Automa host: 1/1 (search/found) Automa domain: 1/0 (search/found) Automa tls cert: 0/0 (search/found) Automa risk mask: 1/0 (search/found) @@ -24,4 +24,6 @@ OCSP 12 1301 1 Safe 12 1301 1 - 1 TCP 192.168.1.29:51536 <-> 143.204.14.183:80 [proto: 7.63/HTTP.OCSP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Web/5][7 pkts/556 bytes <-> 5 pkts/745 bytes][Goodput ratio: 15/55][0.04 sec][Hostname/SNI: ocsp.rootg2.amazontrust.com][bytes ratio: -0.145 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/4 12/12 6/6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 79/149 148/468 28/160][URL: ocsp.rootg2.amazontrust.com/][StatusCode: 200][Content-Type: application/ocsp-response][Server: ¯\_(ツ)_/¯][User-Agent: **][Risk: ** HTTP Susp User-Agent **** HTTP Susp Header **][Risk Score: 200][Risk Info: Suspicious Log4J / Suspicious Agent][TCP Fingerprint: 2_64_65535_d29295416479/macOS][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 33,0,33,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] +Network 12 1301 1 + + 1 TCP 192.168.1.29:51536 <-> 143.204.14.183:80 [proto: 7.63/HTTP.OCSP][IP: 265/AmazonAWS][ClearText][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 6][cat: Network/14][7 pkts/556 bytes <-> 5 pkts/745 bytes][Goodput ratio: 15/55][0.04 sec][Hostname/SNI: ocsp.rootg2.amazontrust.com][bytes ratio: -0.145 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 5/4 12/12 6/6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 79/149 148/468 28/160][URL: ocsp.rootg2.amazontrust.com/][StatusCode: 200][Content-Type: application/ocsp-response][Server: ¯\_(ツ)_/¯][User-Agent: **][Risk: ** HTTP Susp User-Agent **** HTTP Susp Header **][Risk Score: 200][Risk Info: Suspicious Agent [¯\_(ツ)_/¯] / Suspicious Log4J][TCP Fingerprint: 2_64_65535_d29295416479/macOS][PLAIN TEXT (GET / HTTP/1.1)][Plen Bins: 33,0,33,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |