geedge-jira/attachment/60955/GitiVPN_20240808.json

{
	"signatures": [
		{
			"signature_id": 4664,
			"signature_name": "GitiVPN_fqdn_20240808",
			"and_conditions": [
				{
					"or_conditions": [
						{
							"lua_profile_id": 0,
							"attribute_type": "string",
							"attribute_name": "common.server_fqdn",
							"source_object_ids": [
								11838
							],
							"protocol": "common"
						}
					],
					"not_flag": 0
				}
			],
			"signature_desc": "",
			"icon_color": ""
		}
	],
	"sig_objects": [
		{
			"id": 11838,
			"type": "fqdn",
			"name": "GitiVPN_fqdn_20240808",
			"vsys_id": 1,
			"source_id": 11838,
			"source_name": "GitiVPN_fqdn_20240808",
			"member_type": "1",
			"member": {
				"items": [
					{
						"string": {
							"item_type": "fqdn",
							"expr_type": 0,
							"is_hexbin": 0,
							"patterns": [
								{
									"keywords": "*.GVGfVGItI24.xyz"
								}
							]
						}
					},
					{
						"string": {
							"item_type": "fqdn",
							"expr_type": 0,
							"is_hexbin": 0,
							"patterns": [
								{
									"keywords": "$www.ggitgpnv.info"
								}
							]
						}
					},
					{
						"string": {
							"item_type": "fqdn",
							"expr_type": 0,
							"is_hexbin": 0,
							"patterns": [
								{
									"keywords": "$www.nypaintstore.info"
								}
							]
						}
					},
					{
						"string": {
							"item_type": "fqdn",
							"expr_type": 0,
							"is_hexbin": 0,
							"patterns": [
								{
									"keywords": "$api.gempanel.top"
								}
							]
						}
					}
				]
			},
			"uuid": "47039c1f-4997-11ef-8504-aa311b8c635e"
		}
	],
	"applications": [
		{
			"app_id": 18785,
			"app_name": "GitiVPN_20240808",
			"app_longname": "GitiVPN_20240808",
			"description": "google play:https://play.google.com/store/apps/details?id=com.gitivpn.secureg&hl=en_US",
			"seq_no": 18785,
			"app_properties": {
				"parent_app_id": 0,
				"parent_app_name": "null",
				"category": "networking",
				"subcategory": "tunnels",
				"content": "unknown",
				"risk": "1",
				"characteristics": "",
				"deny_action": {
					"method": "drop",
					"after_n_packets": 0,
					"send_icmp_unreachable": 1,
					"send_tcp_reset": 1
				},
				"continue_scanning": 0,
				"tcp_timeout": 0,
				"udp_timeout": 0,
				"tcp_half_close": 0,
				"tcp_time_wait": 0
			},
			"app_surrogates": [
				{
					"group_by": "session",
					"time_window": 0,
					"ordered_match": "no",
					"signature_sequence": [
						{
							"signature": "GitiVPN_fqdn_20240808",
							"exclude": 0
						}
					]
				}
			]
		}
	]
}