aboutsummaryrefslogtreecommitdiff
path: root/tests/result/teams.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'tests/result/teams.pcap.out')
-rw-r--r--tests/result/teams.pcap.out4
1 files changed, 2 insertions, 2 deletions
diff --git a/tests/result/teams.pcap.out b/tests/result/teams.pcap.out
index 0943bf4c5..92e596e91 100644
--- a/tests/result/teams.pcap.out
+++ b/tests/result/teams.pcap.out
@@ -51,12 +51,12 @@ JA3 Host Stats:
30 TCP 192.168.1.6:60567 <-> 52.114.77.136:443 [proto: 91.250/TLS.Teams][cat: Collaborative/15][13 pkts/2389 bytes <-> 11 pkts/7293 bytes][Goodput ratio: 69/91][1.77 sec][bytes ratio: -0.507 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 25/50 84/122 28/46][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 184/663 703/1506 228/665][TLSv1.2][Client: api.flightproxy.teams.microsoft.com][JA3C: e4d448cdfe06dc1243c1eb026c74ac9a]
31 TCP 192.168.1.6:60557 <-> 52.113.194.132:443 [proto: 91.250/TLS.Teams][cat: Collaborative/15][12 pkts/2422 bytes <-> 13 pkts/7118 bytes][Goodput ratio: 72/90][0.17 sec][bytes ratio: -0.492 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 17/14 91/79 27/23][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 202/548 954/1506 267/645][TLSv1.2][Client: teams.microsoft.com][JA3C: e4d448cdfe06dc1243c1eb026c74ac9a][ServerNames: teams.microsoft.com][JA3S: 7d8fd34fdb13a7fff30d5a52846b6c4c][Issuer: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 4][Subject: CN=teams.microsoft.com][Certificate SHA-1: 68:1E:E8:3C:83:70:6F:E3:86:F4:E8:8C:C4:E6:A0:9A:3E:E0:9C:0E][Validity: 2019-09-12 18:16:45 - 2021-09-12 18:16:45][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
32 UDP 93.71.110.205:16332 <-> 192.168.1.6:50016 [proto: 78.38/STUN.SkypeCall][cat: VoIP/10][30 pkts/5952 bytes <-> 7 pkts/3184 bytes][Goodput ratio: 79/91][2.72 sec][bytes ratio: 0.303 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 99/467 1167/1168 282/553][Pkt Len c2s/s2c min/avg/max/stddev: 80/80 198/455 1256/1256 284/507][Risk: ** Known protocol on non standard port **][PLAIN TEXT (SMnzNK)]
- 33 TCP 192.168.1.6:50036 <-> 52.114.250.153:443 [proto: 91.250/TLS.Teams][cat: Collaborative/15][17 pkts/1759 bytes <-> 13 pkts/7267 bytes][Goodput ratio: 46/90][3.92 sec][bytes ratio: -0.610 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 273/381 3619/3662 928/1094][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 103/559 289/1506 79/554][TLSv1.2][Client: 52.114.250.153][JA3C: e4d448cdfe06dc1243c1eb026c74ac9a][ServerNames: tr.teams.microsoft.com,*.tr.teams.microsoft.com,turn.teams.microsoft.com,*.turn.teams.microsoft.com,*.relay.teams.microsoft.com][JA3S: 986571066668055ae9481cb84fda634a][Issuer: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 5][Subject: CN=tr.teams.microsoft.com][Certificate SHA-1: A7:90:8D:41:ED:24:D2:83:48:95:90:CE:18:D3:A6:C2:62:7A:07:75][Validity: 2019-05-24 14:10:26 - 2021-05-24 14:10:26][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
+ 33 TCP 192.168.1.6:50036 <-> 52.114.250.153:443 [proto: 91.250/TLS.Teams][cat: Collaborative/15][17 pkts/1759 bytes <-> 13 pkts/7267 bytes][Goodput ratio: 46/90][3.92 sec][bytes ratio: -0.610 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 273/381 3619/3662 928/1094][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 103/559 289/1506 79/554][Risk: ** TLS Certificate Mismatch **][TLSv1.2][Client: 52.114.250.153][JA3C: e4d448cdfe06dc1243c1eb026c74ac9a][ServerNames: tr.teams.microsoft.com,*.tr.teams.microsoft.com,turn.teams.microsoft.com,*.turn.teams.microsoft.com,*.relay.teams.microsoft.com][JA3S: 986571066668055ae9481cb84fda634a][Issuer: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 5][Subject: CN=tr.teams.microsoft.com][Certificate SHA-1: A7:90:8D:41:ED:24:D2:83:48:95:90:CE:18:D3:A6:C2:62:7A:07:75][Validity: 2019-05-24 14:10:26 - 2021-05-24 14:10:26][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
34 TCP 192.168.1.6:60538 <-> 52.114.75.70:443 [proto: 91.250/TLS.Teams][cat: Collaborative/15][12 pkts/1791 bytes <-> 8 pkts/7215 bytes][Goodput ratio: 54/93][0.15 sec][ALPN: h2;http/1.1][bytes ratio: -0.602 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 14/16 37/65 15/24][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 149/902 689/1506 176/629][TLSv1.2][Client: eu-prod.asyncgw.teams.microsoft.com][JA3C: ebf5e0e525258d7a8dcb54aa1564ecbd]
35 TCP 192.168.1.6:60539 <-> 52.114.75.69:443 [proto: 91.125/TLS.Skype][cat: VoIP/10][12 pkts/1773 bytes <-> 8 pkts/7189 bytes][Goodput ratio: 53/93][0.15 sec][ALPN: h2;http/1.1][bytes ratio: -0.604 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/20 32/58 15/22][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 148/899 674/1506 171/632][TLSv1.2][Client: eu-api.asm.skype.com][JA3C: ebf5e0e525258d7a8dcb54aa1564ecbd]
36 TCP 192.168.1.6:50018 <-> 52.114.250.123:443 [proto: 91.250/TLS.Teams][cat: Collaborative/15][20 pkts/1629 bytes <-> 13 pkts/7093 bytes][Goodput ratio: 29/90][1.92 sec][bytes ratio: -0.626 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 19/18 69/92 24/32][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 81/546 241/1506 48/564][TLSv1.2][Client: euaz.tr.teams.microsoft.com][JA3C: e4d448cdfe06dc1243c1eb026c74ac9a]
37 TCP 192.168.1.6:50021 <-> 52.114.250.123:443 [proto: 91.250/TLS.Teams][cat: Collaborative/15][18 pkts/1509 bytes <-> 13 pkts/7093 bytes][Goodput ratio: 32/90][0.66 sec][bytes ratio: -0.649 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 16/23 46/85 20/34][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 84/546 241/1506 50/564][TLSv1.2][Client: euaz.tr.teams.microsoft.com][JA3C: e4d448cdfe06dc1243c1eb026c74ac9a]
- 38 TCP 192.168.1.6:50014 <-> 52.114.250.152:443 [proto: 91.250/TLS.Teams][cat: Collaborative/15][14 pkts/1347 bytes <-> 11 pkts/6975 bytes][Goodput ratio: 42/91][0.22 sec][bytes ratio: -0.676 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 16/22 43/84 20/30][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 96/634 289/1506 73/570][TLSv1.2][Client: 52.114.250.152][JA3C: e4d448cdfe06dc1243c1eb026c74ac9a][ServerNames: tr.teams.microsoft.com,*.tr.teams.microsoft.com,turn.teams.microsoft.com,*.turn.teams.microsoft.com,*.relay.teams.microsoft.com][JA3S: 986571066668055ae9481cb84fda634a][Issuer: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 5][Subject: CN=tr.teams.microsoft.com][Certificate SHA-1: A7:90:8D:41:ED:24:D2:83:48:95:90:CE:18:D3:A6:C2:62:7A:07:75][Validity: 2019-05-24 14:10:26 - 2021-05-24 14:10:26][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
+ 38 TCP 192.168.1.6:50014 <-> 52.114.250.152:443 [proto: 91.250/TLS.Teams][cat: Collaborative/15][14 pkts/1347 bytes <-> 11 pkts/6975 bytes][Goodput ratio: 42/91][0.22 sec][bytes ratio: -0.676 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 16/22 43/84 20/30][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 96/634 289/1506 73/570][Risk: ** TLS Certificate Mismatch **][TLSv1.2][Client: 52.114.250.152][JA3C: e4d448cdfe06dc1243c1eb026c74ac9a][ServerNames: tr.teams.microsoft.com,*.tr.teams.microsoft.com,turn.teams.microsoft.com,*.turn.teams.microsoft.com,*.relay.teams.microsoft.com][JA3S: 986571066668055ae9481cb84fda634a][Issuer: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 5][Subject: CN=tr.teams.microsoft.com][Certificate SHA-1: A7:90:8D:41:ED:24:D2:83:48:95:90:CE:18:D3:A6:C2:62:7A:07:75][Validity: 2019-05-24 14:10:26 - 2021-05-24 14:10:26][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
39 TCP 192.168.1.6:60566 <-> 167.99.215.164:4434 [proto: 91.26/TLS.ntop][cat: Network/14][9 pkts/3029 bytes <-> 8 pkts/2213 bytes][Goodput ratio: 80/76][2.73 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: 0.156 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 351/431 1977/2053 668/728][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 337/277 1012/1291 385/397][Risk: ** Known protocol on non standard port **][TLSv1.2][Client: dati.ntop.org][JA3C: 7120d65624bcd2e02ed4b01388d84cdb][JA3S: 410b9bedaf65dd26c6fe547154d60db4][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
40 TCP 192.168.1.6:60546 <-> 167.99.215.164:4434 [proto: 91.26/TLS.ntop][cat: Network/14][10 pkts/2195 bytes <-> 10 pkts/2077 bytes][Goodput ratio: 69/68][5.38 sec][ALPN: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: 0.028 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 650/754 5000/5000 1645/1734][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 220/208 1021/1292 308/364][Risk: ** Known protocol on non standard port **][TLSv1.2][Client: dati.ntop.org][JA3C: 7120d65624bcd2e02ed4b01388d84cdb][JA3S: 410b9bedaf65dd26c6fe547154d60db4][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
41 UDP 192.168.1.6:50036 <-> 52.114.250.137:3478 [proto: 78.38/STUN.SkypeCall][cat: VoIP/10][5 pkts/1390 bytes <-> 4 pkts/733 bytes][Goodput ratio: 85/77][4.06 sec][bytes ratio: 0.309 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/100 1003/774 2235/2092 994/932][Pkt Len c2s/s2c min/avg/max/stddev: 228/174 278/183 314/198 33/10][PLAIN TEXT (rtcmedia)]
Powered by cgit, Themed by Ted Yin.