aboutsummaryrefslogtreecommitdiff
path: root/tests/result/waze.pcap.out
blob: 4bffe8bd5724732e55b6cea384dbf392e1afd98b (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49

Unknown	10	786	1
HTTP	65	64777	8
NTP	2	180	1
TLS	8	432	2
Google	13	2142	1
Waze	484	289335	19
WhatsApp	15	1341	1

JA3 Host Stats: 
		 IP Address                  	 # JA3C     
	1	 10.8.0.1                 	 2      


	1	TCP 10.8.0.1:36100 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: Web/5][52 pkts/10860 bytes <-> 55 pkts/74852 bytes][bytes ratio: -0.747 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 287.7/329.3 3806/5018 686.4/819.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 208.8/1360.9 590/17258 183.0/3378.1][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA]
	2	TCP 10.8.0.1:54915 <-> 65.39.128.135:80 [proto: 7/HTTP][cat: Web/5][19 pkts/1309 bytes <-> 18 pkts/61896 bytes][Host: xtra1.gpsonextra.net][bytes ratio: -0.959 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 320.7/372.6 3680/3677 903.4/959.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 68.9/3438.7 317/11833 58.6/3467.6][PLAIN TEXT (GET /xtra)]
	3	TCP 10.8.0.1:39021 <-> 52.17.114.219:443 [proto: 91.135/TLS.Waze][cat: Web/5][17 pkts/1962 bytes <-> 16 pkts/56934 bytes][bytes ratio: -0.933 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 155.3/188.5 387/415 136.9/130.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 115.4/3558.4 590/21942 132.3/6124.9][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
	4	TCP 10.8.0.1:36312 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][cat: Web/5][17 pkts/2176 bytes <-> 15 pkts/42443 bytes][bytes ratio: -0.902 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 217.8/125.8 1449/293 382.9/116.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 128.0/2829.5 590/11186 147.3/3901.4][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
	5	TCP 10.8.0.1:36316 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][cat: Web/5][15 pkts/1540 bytes <-> 13 pkts/26346 bytes][bytes ratio: -0.890 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 237.2/155.3 1289/609 358.5/182.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 102.7/2026.6 411/8150 98.2/2611.7][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
	6	TCP 10.8.0.1:36102 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: Web/5][19 pkts/2646 bytes <-> 18 pkts/9338 bytes][bytes ratio: -0.558 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 578.4/1210.2 5838/5890 1444.5/1891.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 139.3/518.8 555/3660 140.6/938.6][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA]
	7	TCP 10.8.0.1:39010 <-> 52.17.114.219:443 [proto: 91.135/TLS.Waze][cat: Web/5][8 pkts/1034 bytes <-> 8 pkts/8151 bytes][bytes ratio: -0.775 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/1 162.5/196.0 343/348 153.1/132.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 129.2/1018.9 283/4048 86.6/1610.4][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
	8	TCP 10.8.0.1:51049 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][cat: Web/5][12 pkts/1282 bytes <-> 11 pkts/6541 bytes][bytes ratio: -0.672 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/5 298.1/360.9 1175/1175 372.1/354.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 106.8/594.6 315/1422 85.4/584.3][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Certificate SHA-1: A9:35:F0:16:17:A3:FD:73:EC:0C:03:24:F8:34:5A:8A:B3:D7:8D:57][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
	9	TCP 10.8.0.1:51051 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][cat: Web/5][11 pkts/1228 bytes <-> 10 pkts/6487 bytes][bytes ratio: -0.682 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 283.4/305.9 1174/1173 370.4/349.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 111.6/648.7 315/2165 87.6/739.4][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Certificate SHA-1: A9:35:F0:16:17:A3:FD:73:EC:0C:03:24:F8:34:5A:8A:B3:D7:8D:57][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
	10	TCP 10.8.0.1:36134 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: Web/5][12 pkts/1650 bytes <-> 12 pkts/4935 bytes][bytes ratio: -0.499 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 728.7/962.9 4966/4966 1533.8/1663.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 137.5/411.2 380/3201 123.8/874.8][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Certificate SHA-1: 30:50:FA:42:94:E4:1A:34:9B:23:55:CB:7B:F2:0D:76:FA:1C:58:4B][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA]
	11	TCP 10.8.0.1:36137 <-> 46.51.173.182:443 [proto: 91.135/TLS.Waze][cat: Web/5][12 pkts/1522 bytes <-> 11 pkts/4220 bytes][bytes ratio: -0.470 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 195.8/194.7 883/537 285.6/190.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 126.8/383.6 380/2189 106.9/639.7][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 714ac86d50db68420429ca897688f5f3 (WEAK)][Cipher: TLS_RSA_WITH_AES_256_CBC_SHA]
	12	TCP 10.8.0.1:36314 <-> 176.34.186.180:443 [proto: 91.135/TLS.Waze][cat: Web/5][11 pkts/1260 bytes <-> 9 pkts/4413 bytes][bytes ratio: -0.556 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 335.4/261.1 1332/645 428.4/235.7][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 114.5/490.3 347/2533 94.6/785.4][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.world.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
	13	TCP 10.8.0.1:51050 <-> 176.34.103.105:443 [proto: 91.135/TLS.Waze][cat: Web/5][9 pkts/1184 bytes <-> 9 pkts/4369 bytes][bytes ratio: -0.574 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 300.3/341.3 1397/1346 459.1/420.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 131.6/485.4 379/2165 107.7/725.4][TLSv1][JA3C: f392f120f1087cd2f8814539cf58cfa4][Server: *.waze.com][JA3S: 39f74f5618836d3c5f7dcccc9f67ba75][Certificate SHA-1: A9:35:F0:16:17:A3:FD:73:EC:0C:03:24:F8:34:5A:8A:B3:D7:8D:57][Cipher: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
	14	TCP 10.8.0.1:45529 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][9 pkts/591 bytes <-> 8 pkts/3424 bytes][Host: roadshields.waze.com][bytes ratio: -0.706 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/3 75.0/104.8 261/274 88.5/91.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 65.7/428.0 137/1678 26.0/650.9][URL: roadshields.waze.com/images/HD/CH2.png][StatusCode: 200][PLAIN TEXT (GET /images/HD/CH)]
	15	TCP 10.8.0.1:36585 <-> 173.194.118.48:443 [proto: 91.126/TLS.Google][cat: Web/5][7 pkts/1137 bytes <-> 6 pkts/1005 bytes][bytes ratio: 0.062 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/2 32.2/74.5 53/188 24.3/68.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 162.4/167.5 572/602 176.8/200.3][TLSv1][JA3C: f8f5b71e02603b283e55b50d17ede861][JA3S: 23f1f6e2f0015c166df49fdab4280370 (INSECURE)][Cipher: TLS_ECDHE_RSA_WITH_RC4_128_SHA]
	16	TCP 10.8.0.1:45536 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][8 pkts/594 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][bytes ratio: -0.130 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 22.7/28.7 134/84 49.8/39.1][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 74.2/110.1 194/447 45.7/137.5][URL: cres.waze.com/lang_asr/lang.portuguese_br_asr][StatusCode: 304][PLAIN TEXT (GET /lang)]
	17	TCP 10.8.0.1:50828 <-> 108.168.176.228:443 [proto: 142/WhatsApp][cat: Chat/9][8 pkts/673 bytes <-> 7 pkts/668 bytes][bytes ratio: 0.004 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/9 80.5/98.2 289/238 105.9/82.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 84.1/95.4 222/245 53.4/66.5][PLAIN TEXT (Android)]
	18	TCP 10.8.0.1:45546 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/557 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][bytes ratio: -0.161 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 105.4/174.3 394/397 152.4/165.6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79.6/110.1 211/447 54.1/137.5][URL: cres.waze.com/newVconfig/1.0/3/prompts_conf.buf?rtserver-id=15][StatusCode: 304][PLAIN TEXT (GET /newV)]
	19	TCP 10.8.0.1:45538 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/555 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][bytes ratio: -0.163 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 42.2/69.7 177/177 68.5/77.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79.3/110.1 209/447 53.4/137.5][URL: cres.waze.com/lang_tts/lang.portuguese_br_tts?rtserver-id=15][StatusCode: 304][PLAIN TEXT (GET /lang)]
	20	TCP 10.8.0.1:45552 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/552 bytes <-> 7 pkts/771 bytes][Host: cres.waze.com][bytes ratio: -0.166 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 34.4/56.3 169/168 67.3/79.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 78.9/110.1 206/447 52.3/137.5][URL: cres.waze.com/langs/1.0/lang.portuguese_br?rtserver-id=15][StatusCode: 304][PLAIN TEXT (GET /langs/1.0/lang.portuguese)]
	21	TCP 10.8.0.1:45554 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/550 bytes <-> 7 pkts/769 bytes][Host: cres.waze.com][bytes ratio: -0.166 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 25.8/42.3 126/125 50.1/58.5][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 78.6/109.9 204/445 51.7/136.8][URL: cres.waze.com/newVconfig/1.0/3/lang.conf?rtserver-id=15][StatusCode: 304][PLAIN TEXT (GET /newV)]
	22	TCP 10.8.0.1:45540 <-> 54.230.227.172:80 [proto: 7.135/HTTP.Waze][cat: Web/5][7 pkts/553 bytes <-> 7 pkts/733 bytes][Host: roadshields.waze.com][bytes ratio: -0.140 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 41.8/68.0 176/174 68.0/75.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 79.0/104.7 207/409 52.7/124.2][URL: roadshields.waze.com/shields_conf_new_latam?rtserver-id=15][StatusCode: 304][PLAIN TEXT (GET /shields)]
	23	TCP 10.16.37.157:41823 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes]
	24	TCP 10.16.37.157:43991 <-> 200.160.4.31:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes]
	25	TCP 10.16.37.157:46473 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes]
	26	TCP 10.16.37.157:52746 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes]
	27	TCP 10.16.37.157:52953 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes]
	28	TCP 10.8.0.1:43089 <-> 200.160.4.198:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes]
	29	TCP 10.8.0.1:45169 <-> 200.160.4.198:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes]
	30	TCP 10.8.0.1:60479 <-> 200.160.4.49:443 [proto: 91/TLS][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes]
	31	TCP 10.8.0.1:60574 <-> 200.160.4.49:80 [proto: 7/HTTP][cat: Web/5][2 pkts/108 bytes <-> 2 pkts/108 bytes]
	32	UDP 10.8.0.1:46214 <-> 200.89.75.198:123 [proto: 9/NTP][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes]


Undetected flows:
	1	TCP 10.16.37.157:42256 <-> 174.37.231.81:5222 [proto: 0/Unknown][8 pkts/678 bytes <-> 2 pkts/108 bytes][bytes ratio: 0.725 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/0 4574.6/0.0 16193/0 5409.1/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/54 84.8/54.0 91/54 10.8/0.0]
Powered by cgit, Themed by Ted Yin.