search

ooni / backend

Everything related to OONI backend infrastructure: ooni/api, ooni/pipeline, ooni/sysadmin, collector, bouncers and test-helpers
BSD 3-Clause "New" or "Revised" License
50 stars 29 forks source link

Add middlebox fingerprint for SA #691

Open anadahz opened 5 years ago

anadahz commented 5 years ago

Possible blockpage fingerprint for SA.

Example measurement: https://explorer.ooni.io/measurement/20180717T084426Z_AS15505_0NtuQmtvJpAZG5I4V8QtVrS5PeUnqplLxvm3zDflzPm7ywFmX0?input=http:%2F%2Fwww.163.com

tag:bluecoat

anadahz commented 5 years ago

Another one.

Example measurement: https://explorer.ooni.io/measurement/20181123T095240Z_AS25019_ggZOfIsoEKdMMUoGeXovnBL9vvTlPv8x7KZ4qkrgOjL5oB6Swb?input=http:%2F%2Fwww.eelam.com

tag: IG300

hellais commented 4 years ago

I added the first one to the fingerprint DB.

I did not add the second one, because it looks more like a middlebox. I am defering that to future work.

Here it is for the record.

{
  "test_keys": {
    "accessible": null,
    "control": {},
    "control_failure": "generic_timeout_error",
    "socksproxy": null,
    "http_experiment_failure": null,
    "agent": "redirect",
    "retries": null,
    "client_resolver": "74.125.47.15",
    "dns_consistency": null,
    "dns_experiment_failure": null,
    "body_proportion": 0,
    "blocking": null,
    "queries": [
      {
        "engine": "system",
        "resolver_hostname": null,
        "query_type": "A",
        "hostname": "www.eelam.com",
        "answers": [
          {
            "hostname": "www.eelam.com",
            "answer_type": "CNAME",
            "ttl": 0
          },
          {
            "ipv4": "10.215.1.10",
            "answer_type": "A",
            "ttl": 0
          }
        ],
        "failure": null,
        "resolver_port": null
      }
    ],
    "body_length_match": null,
    "requests": [
      {
        "failure": null,
        "request": {
          "body": "",
          "headers": {
            "Accept-Language": "en-US;q=0.8,en;q=0.5",
            "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
            "User-Agent": "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.106 Safari/537.36"
          },
          "tor": {
            "is_tor": false,
            "exit_ip": null,
            "exit_name": null
          },
          "url": "http://www.eelam.com/",
          "method": "GET"
        },
        "response": {
          "body": "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n<HTML><HEAD><META HTTP-EQUIV=\"Content-Type\" CONTENT=\"text/html; charset=iso-8859-1\">\n<TITLE>ERROR: The requested URL could not be retrieved</TITLE>\n<STYLE type=\"text/css\"><!--BODY{background-color:#ffffff;font-family:verdana,sans-serif}PRE{font-family:sans-serif}--></STYLE>\n</HEAD><BODY>\n<H2>The requested URL could not be retrieved</H2>\n<HR noshade size=\"1px\">\n<P>\nWhile trying to retrieve the URL:\n<A HREF=\"http://www.eelam.com/\">http://www.eelam.com/</A>\n<P>\nThe following error was encountered:\n<BLOCKQUOTE>\nUnable to determine IP address from host name for\n<I>www.eelam.com</I>\n</BLOCKQUOTE>\n\n<P>\nThe dnsserver returned:\n<BLOCKQUOTE>\nServer Failure: The name server was unable to process this query.\n</BLOCKQUOTE>\n\n<P>\nThis means that:\n<PRE>\n The cache was not able to resolve the hostname presented in the URL. \n Check if the address is correct. \n</PRE>\n<P>Your cache administrator is <A HREF=\"mailto:support@server.com\">support@server.com</A>. \n\n<BR clear=\"all\">\n<HR noshade size=\"1px\">\n<ADDRESS>\nGenerated Fri, 23 Nov 2018 09:25:58 GMT by IG3000.antlabs.com (squid/2.5.STABLE3)\n</ADDRESS>\n</BODY></HTML>\n",
          "headers": {
            "Content-Length": "1216",
            "X-Cache": "MISS from IG3000.antlabs.com",
            "X-Squid-Error": "ERR_DNS_FAIL 0",
            "Expires": "Fri, 23 Nov 2018 09:25:58 GMT",
            "Server": "squid/2.5.STABLE3",
            "Connection": "close",
            "Date": "Fri, 23 Nov 2018 09:25:58 GMT",
            "Content-Type": "text/html",
            "Mime-Version": "1.0"
          },
          "response_line": "HTTP/1.0 503 Service Unavailable",
          "code": 503
        }
      }
    ],
    "tcp_connect": [
      {
        "status": {
          "failure": null,
          "success": true,
          "blocked": false
        },
        "ip": "10.215.1.10",
        "port": 80
      }
    ],
    "title_match": null,
    "headers_match": null,
    "status_code_match": null
  },
  "test_start_time": "2018-11-23 09:52:37",
  "input_hashes": [],
  "probe_ip": "127.0.0.1",
  "probe_city": null,
  "test_helpers": {
    "backend": {
      "type": "https",
      "address": "https://b.web-connectivity.th.ooni.io:443"
    }
  },
  "probe_cc": "SA",
  "id": "4f0db074-11a4-40f9-9ebb-ee78c934d006",
  "test_runtime": 38.7344589233,
  "input": "http://www.eelam.com",
  "probe_asn": "AS25019",
  "annotations": {
    "platform": "android",
    "engine_version_full": "v0.8.4",
    "engine_version": "0.8.4",
    "engine_name": "libmeasurement_kit"
  },
  "software_name": "ooniprobe-android",
  "software_version": "1.3.4",
  "data_format_version": "0.2.0",
  "report_filename": "2018-11-23/20181123T095237Z-SA-AS25019-web_connectivity-20181123T095240Z_AS25019_ggZOfIsoEKdMMUoGeXovnBL9vvTlPv8x7KZ4qkrgOjL5oB6Swb-0.2.0-probe.json",
  "test_version": "0.0.1",
  "bucket_date": "2018-11-23",
  "test_name": "web_connectivity",
  "report_id": "20181123T095240Z_AS25019_ggZOfIsoEKdMMUoGeXovnBL9vvTlPv8x7KZ4qkrgOjL5oB6Swb",
  "measurement_start_time": "2018-11-23 09:52:40",
  "backend_version": null,
  "options": []
}