aboutsummaryrefslogtreecommitdiff
path: root/tests/result/KakaoTalk_talk.pcap.out
blob: 8ec656e9f931d2a1ec74729ea0a260cc3d32aecb (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

HTTP	5	280	1
QQ	15	1727	1
RTP	2991	398751	2
TLS	90	21844	3
Facebook	34	4401	4
Google	4	359	4
HTTP_Proxy	16	1838	2
Amazon	4	396	1
KakaoTalk_Voice	44	6196	2

JA3 Host Stats: 
		 IP Address                  	 # JA3C     
	1	 10.24.82.188             	 2      


	1	UDP 10.24.82.188:11320 <-> 1.201.1.174:23044 [proto: 87/RTP][cat: Media/1][757 pkts/106335 bytes <-> 746 pkts/93906 bytes][bytes ratio: 0.062 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 59.7/59.8 202/2844 48.0/119.7][Pkt Len c2s/s2c min/avg/max/stddev: 99/99 140.5/125.9 234/236 43.2/33.1][PLAIN TEXT (46yOXQ)]
	2	UDP 10.24.82.188:10268 <-> 1.201.1.174:23046 [proto: 87/RTP][cat: Media/1][746 pkts/93906 bytes <-> 742 pkts/104604 bytes][bytes ratio: -0.054 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 5/0 59.5/60.1 112/2844 23.2/122.4][Pkt Len c2s/s2c min/avg/max/stddev: 99/99 125.9/141.0 236/234 33.1/43.4][PLAIN TEXT (46yOXQ)]
	3	TCP 10.24.82.188:58857 <-> 110.76.143.50:9001 [proto: 91/TLS][cat: Web/5][22 pkts/5326 bytes <-> 18 pkts/5212 bytes][bytes ratio: 0.011 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2456.1/3025.4 20472/21237 4971.0/5475.6][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 242.1/289.6 878/920 253.9/276.1][TLSv1][JA3C: 4b79ae67eb3b2cf1c75e68ea0100ca1b][Server: kakao.com][JA3S: 4ea82b75038dd27e8a1cb69d8b839b26 (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA]
	4	TCP 10.24.82.188:32968 <-> 110.76.143.50:8080 [proto: 91/TLS][cat: Web/5][23 pkts/4380 bytes <-> 22 pkts/5728 bytes][bytes ratio: -0.133 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 2/0 1889.0/2508.9 20336/21232 4517.0/5076.7][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 190.4/260.4 814/920 164.3/240.9][TLSv1][JA3C: 4b79ae67eb3b2cf1c75e68ea0100ca1b][Server: kakao.com][JA3S: 4ea82b75038dd27e8a1cb69d8b839b26 (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA]
	5	TCP 10.24.82.188:59954 <-> 173.252.88.128:443 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][15 pkts/2932 bytes <-> 14 pkts/1092 bytes][bytes ratio: 0.457 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 139.6/145.4 494/452 153.9/122.7][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 195.5/78.0 735/189 228.1/34.6][TLSv1][JA3C: dff8a0aa1c904aaea76c5bf624e88333][JA3S: 07dddc59e60135c7b479d39c3ae686af][Cipher: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA]
	6	UDP 10.24.82.188:10269 <-> 1.201.1.174:23047 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][12 pkts/1692 bytes <-> 10 pkts/1420 bytes][bytes ratio: 0.087 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1062/3176 4099.5/4827.9 4716/8101 1132.3/1387.8][Pkt Len c2s/s2c min/avg/max/stddev: 122/142 141.0/142.0 150/142 6.1/0.0]
	7	UDP 10.24.82.188:11321 <-> 1.201.1.174:23045 [proto: 194/KakaoTalk_Voice][cat: VoIP/10][11 pkts/1542 bytes <-> 11 pkts/1542 bytes][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1105/1052 4383.7/4322.4 4905/7690 1137.9/1595.2][Pkt Len c2s/s2c min/avg/max/stddev: 122/122 140.2/140.2 142/142 5.7/5.7]
	8	TCP 10.24.82.188:48489 <-> 203.205.147.215:80 [proto: 7.48/HTTP.QQ][cat: Chat/9][8 pkts/1117 bytes <-> 7 pkts/610 bytes][Host: hkminorshort.weixin.qq.com][bytes ratio: 0.294 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 535.4/230.7 2019/1166 748.4/419.8][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 139.6/87.1 665/262 198.8/71.4][PLAIN TEXT (POST http)]
	9	TCP 10.24.82.188:51021 <-> 103.246.57.251:8080 [proto: 131/HTTP_Proxy][cat: Web/5][6 pkts/543 bytes <-> 5 pkts/945 bytes][bytes ratio: -0.270 (Download)][IAT c2s/s2c min/avg/max/stddev: 77/47 4920.2/6109.8 17431/17434 6679.4/7064.4][Pkt Len c2s/s2c min/avg/max/stddev: 68/68 90.5/189.0 130/504 24.3/164.1]
	10	TCP 139.150.0.125:443 <-> 10.24.82.188:46947 [proto: 91/TLS][cat: Web/5][3 pkts/1044 bytes <-> 2 pkts/154 bytes]
	11	TCP 10.24.82.188:58916 <-> 54.255.185.236:5222 [proto: 178/Amazon][cat: Web/5][2 pkts/225 bytes <-> 2 pkts/171 bytes][PLAIN TEXT (xiaomi.com)]
	12	TCP 10.24.82.188:53974 -> 203.205.151.233:8080 [proto: 131/HTTP_Proxy][cat: Web/5][5 pkts/350 bytes -> 0 pkts/0 bytes]
	13	TCP 120.28.26.242:80 <-> 10.24.82.188:34533 [proto: 7/HTTP][cat: Web/5][3 pkts/168 bytes <-> 2 pkts/112 bytes]
	14	UDP 10.24.82.188:25223 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][cat: SocialNetwork/6][1 pkts/79 bytes <-> 1 pkts/118 bytes][Host: mqtt.facebook.com][PLAIN TEXT (facebook)]
	15	TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 126/Google][cat: Web/5][1 pkts/164 bytes -> 0 pkts/0 bytes]
	16	TCP 173.252.88.128:443 -> 10.24.82.188:59912 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][2 pkts/124 bytes -> 0 pkts/0 bytes]
	17	TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/83 bytes -> 0 pkts/0 bytes]
	18	TCP 173.194.117.229:443 -> 10.24.82.188:38380 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes]
	19	TCP 173.252.122.1:443 -> 10.24.82.188:52123 [proto: 91.119/TLS.Facebook][cat: SocialNetwork/6][1 pkts/56 bytes -> 0 pkts/0 bytes]
	20	TCP 216.58.220.161:443 -> 10.24.82.188:56697 [proto: 91.126/TLS.Google][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes]
Powered by cgit, Themed by Ted Yin.