summaryrefslogtreecommitdiff
path: root/test/results/flow-info/default/windowsupdate_over_http.pcap.out
blob: f4e62aff60b51f969c38fdc2884ce2c5f4324b3f (plain) 
1
2
3
4
5
6
7
8
9

     DAEMON-EVENT: init
              new: [.....1] [ip4][..tcp] [......10.0.2.15][49815] -> [..151.99.72.125][...80]
         detected: [.....1] [ip4][..tcp] [......10.0.2.15][49815] -> [..151.99.72.125][...80] [HTTP.WindowsUpdate][Unknown][SoftwareUpdate][Safe][151.99.72.125]
                   RISK: HTTP/TLS/QUIC Numeric Hostname/SNI
 detection-update: [.....1] [ip4][..tcp] [......10.0.2.15][49815] -> [..151.99.72.125][...80] [HTTP.WindowsUpdate][Unknown][Download][Safe][151.99.72.125]
                   RISK: HTTP/TLS/QUIC Numeric Hostname/SNI, Binary file/data transfer (attempt)
             idle: [.....1] [ip4][..tcp] [......10.0.2.15][49815] -> [..151.99.72.125][...80] [HTTP.WindowsUpdate][Unknown][Download][Safe]
                   RISK: HTTP/TLS/QUIC Numeric Hostname/SNI, Binary file/data transfer (attempt)
     DAEMON-EVENT: shutdown
Powered by cgit, Themed by Ted Yin.