Diffstat (limited to 'tests/cfgs/default/result/sites.pcapng.out')
-rw-r--r-- | tests/cfgs/default/result/sites.pcapng.out | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/tests/cfgs/default/result/sites.pcapng.out b/tests/cfgs/default/result/sites.pcapng.out
index ff674ccb2..b277f984e 100644
--- a/tests/cfgs/default/result/sites.pcapng.out
+++ b/tests/cfgs/default/result/sites.pcapng.out
@@ -97,7 +97,7 @@ JA Host Stats: 1 TCP 192.168.1.250:39890 <-> 45.82.241.51:80 [proto: 7.261/HTTP.Likee][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: SocialNetwork/6][58 pkts/4414 bytes <-> 54 pkts/74431 bytes][Goodput ratio: 22/96][182.93 sec][Hostname/SNI: videosnap.like.video][bytes ratio: -0.888 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 58/40 1449/1478 252/226][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 76/1378 244/1514 52/370][URL: videosnap.like.video/eu_live/5uz/1YOmxT.webp?type=8&resize=1&dw=360][StatusCode: 200][Content-Type: image/webp][Server: openresty][User-Agent: Like-Android][TCP Fingerprint: 2_64_65535_685ad951a756/Android][PLAIN TEXT (GET /eu)][Plen Bins: 0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,3,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,85,0,0] 2 TCP 192.168.1.128:50620 <-> 91.198.174.208:443 [proto: 91.176/TLS.Wikipedia][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Web/5][28 pkts/3033 bytes <-> 24 pkts/18149 bytes][Goodput ratio: 39/91][170.60 sec][Hostname/SNI: upload.wikimedia.org][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.714 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 5077/6202 58326/58377 16039/17553][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 108/756 583/1514 106/683][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1815h2_e8a523a41297_3d5424432f57][JA3S: 15af977ce25de452b96affa2addb1036][Firefox][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 11,23,3,3,0,3,0,3,0,3,3,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,39,0,0] 3 TCP 192.168.1.245:49558 <-> 80.158.42.215:443 [proto: 91.399/TLS.HuaweiCloud][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Cloud/13][14 pkts/4392 bytes <-> 9 pkts/12610 bytes][Goodput ratio: 82/96][0.62 sec][Hostname/SNI: id7.cloud.huawei.com][(Advertised) ALPNs: 
h2;http/1.1][(Negotiated) ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.483 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 51/93 439/462 123/166][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 314/1401 1081/3954 396/1672][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1715h2_5b57614c22b0_5c2c66f702b0][ServerNames: avatar.id.huawei.com,hts.huawei.com.cn,*.cdn.hicloud.com,*.cloud.dbankcloud.com,*.cloud.hicloud.com,*.cloud.huawei.asia,*.cloud.huawei.com,*.cloud.huawei.com.au,*.cloud.huawei.com.cn,*.cloud.huawei.eu,*.cloud.huawei.ru,*.dbankcloud.cn,*.dbankcloud.com,*.hicloud.com,*.hms.dbankcloud.cn,*.huawei.com,*.platform.dbankcloud.cn,*.platform.dbankcloud.com,*.platform.dbankcloud.ru,*.platform.hicloud.com,*.vmall.com][JA3S: eb7ce657b6814e1bc6402d66a2309dc6][Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign RSA OV SSL CA 2018][Subject: C=CN, ST=Jiangsu, L=Nanjing, O=Huawei Software Technologies Co., Ltd., CN=avatar.id.huawei.com][ECH: version 0xfe0d][Certificate SHA-1: 4F:6B:EE:C1:86:C1:2D:DB:AB:BF:DB:90:42:2D:06:A9:63:FF:76:52][Firefox][Validity: 2023-07-26 01:16:11 - 2024-08-26 01:16:10][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 8,8,8,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,8,0,8,0,0,8,0,0,0,0,8,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25] - 4 TCP 192.168.1.183:44102 <-> 146.70.182.51:443 [proto: 91.427/TLS.SurfShark][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 7][cat: VPN/2][11 pkts/5817 bytes <-> 10 pkts/7012 bytes][Goodput ratio: 87/90][0.21 sec][Hostname/SNI: it-mil-v086.prod.surfshark.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.093 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 14/24 99/96 32/39][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 529/701 2022/3526 696/1053][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1517h2_8daaf6152771_b0da82dd1658][JA3S: fcb2d4d0991292272fcb1e464eedfd43][ECH: version 
0xfe0d][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,8,25,0,0,0,0,0,0,8,0,8,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,25] + 4 TCP 192.168.1.183:44102 <-> 146.70.182.51:443 [proto: 91.427/TLS.SurfShark][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 7][cat: VPN/2][11 pkts/5817 bytes <-> 10 pkts/7012 bytes][Goodput ratio: 87/90][0.21 sec][Hostname/SNI: it-mil-v086.prod.surfshark.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.093 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 14/24 99/96 32/39][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 529/701 2022/3526 696/1053][Risk: ** Malicious Fingerpint **][Risk Score: 50][Risk Info: t13d1517h2_8daaf6152771_b0da82dd1658][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1517h2_8daaf6152771_b0da82dd1658][JA3S: fcb2d4d0991292272fcb1e464eedfd43][ECH: version 0xfe0d][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,8,25,0,0,0,0,0,0,8,0,8,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,25] 5 TCP 192.168.1.245:54690 <-> 160.44.196.198:443 [proto: 91.399/TLS.HuaweiCloud][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Cloud/13][8 pkts/1733 bytes <-> 7 pkts/9520 bytes][Goodput ratio: 74/96][0.18 sec][Hostname/SNI: cloud.huawei.com][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.692 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 22/12 40/30 15/14][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 217/1360 718/4434 253/1807][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.2][JA4: t13d1715h2_5b57614c22b0_5c2c66f702b0][ServerNames: 
cloud.huawei.asia,cloud.huawei.com.cn,cloud.huawei.com,cloud.huawei.com.au,cloud.huawei.eu,cloud.huawei.lat,cloud.huawei.ru,*.dbank.com,*.hicloud.com,*.cloud.dbankcloud.cn,*.cloud.dbankcloud.com,*.cloud.dbankcloud.ru,*.cloud.hicloud.com,*.cloud.huawei.asia,*.cloud.huawei.com,*.cloud.huawei.com.au,*.cloud.huawei.com.cn,*.cloud.huawei.eu,*.cloud.huawei.lat,*.cloud.huawei.ru,*.platform.dbankcloud.cn,*.platform.hicloud.com][JA3S: eb7ce657b6814e1bc6402d66a2309dc6][Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign RSA OV SSL CA 2018][Subject: C=CN, ST=Jiangsu, L=Nanjing, O=Huawei Software Technologies Co., Ltd., CN=cloud.huawei.asia][ECH: version 0xfe0d][Certificate SHA-1: 94:8E:17:DA:5F:C7:62:E4:1E:F0:A5:AB:A0:B9:7B:DE:A5:F4:75:33][Firefox][Validity: 2023-08-11 07:21:05 - 2024-09-11 07:21:04][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,12,12,0,0,0,0,0,12,0,0,0,0,0,0,0,25,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25] 6 TCP 192.168.1.245:58624 <-> 104.16.156.111:443 [proto: 91.426/TLS.NordVPN][IP: 220/Cloudflare][Encrypted][Confidence: DPI][FPC: 220/Cloudflare, Confidence: IP address][DPI packets: 6][cat: VPN/2][11 pkts/2405 bytes <-> 11 pkts/8192 bytes][Goodput ratio: 69/91][0.13 sec][Hostname/SNI: s1.nordcdn.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.546 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 8/5 22/22 10/9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 219/745 1219/2848 330/829][TCP Fingerprint: 2_64_64240_2e3cee914fc1/Linux][TLSv1.3][JA4: t13d1715h2_5b57614c22b0_7121afd63204][JA3S: 2b0648ab686ee45e0e7c35fcfb0eea7e][ECH: version 0xfe0d][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 16,0,16,0,0,0,0,0,7,0,7,0,0,0,7,0,7,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,7,0,7,0,7] 7 TCP 192.168.1.250:41878 <-> 92.122.95.99:443 [proto: 91.49/TLS.TikTok][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: SocialNetwork/6][16 
pkts/3550 bytes <-> 15 pkts/7010 bytes][Goodput ratio: 70/86][16.63 sec][Hostname/SNI: vcs-va.tiktokv.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.328 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1381/1506 16408/16423 4531/4717][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 222/467 1090/1514 286/552][TCP Fingerprint: 2_64_65535_685ad951a756/Android][TLSv1.3][JA4: t13d1615h2_46e7e9700bed_45f260be83e2][JA3S: 15af977ce25de452b96affa2addb1036][Chrome][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 7,0,7,0,0,0,0,0,24,0,0,0,7,0,7,0,7,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,7,0,0,0,0,0,0,0,7,0,0,0,0,15,0,0] |