home

Mobile Endpoint Security

Mobile Endpoint SecuritySecurity Service Edge
Mobile Endpoint SecuritySecurity Service Edge

Lookout Product Documentation

Find answers about using and optimizing Lookout products.

Show Contents

Mobile Endpoint Security

Network Threat Detail Fields

networkThreatDetails:mitmDetails Fields

Man-in-the-Middle events are returned as THREAT events with type=NETWORK and a networkThreatDetails:mitmDetails block with the following information:

"details": {
  ...,
  "assessments": [...],
  "networkThreatDetails": {
    "mitmDetails" {
      "type": "MITM",
      "probingResult": {
        "endpoint": "https://protect12.protect.prod.lkt.is",
        "resolved_ip_address": "44.224.106.71"
      },
      "network": {
        "connectionType": "network_connection_type_wifi",
        "name": "network name",
        "wifiBssid": "home",
        "proxyConfiguration": {
          "address": "ip address if using a proxy",
          "port": 1234,
          "protocol": "protocol if using a proxy"
        },
        "dnsIpAddresses": ["10.18.216.174", "10.18.216.175"],
      }
    }
  }
}
FieldTypeDescription
type
StringAlways MITM
probingResult
JSONThe results of Lookout's network probe.
  probingResult:endpoint
StringThe Lookout network probe endpoint.
  probingResult:resolvedIpAddress
StringThe domain name of the resolved IP address.
network
JSONWireless network information.
  network:connectionType
StringThe network connection type.
  *network:name
StringThe wireless network name.
  *network:wifiBssid
StringThe wireless network ID.
  network:proxyConfiguration
JSONProxy configuration.
    proxyConfiguration:address
StringThe proxy IP address.
    proxyConfiguration:port
integerThe proxy port being used.
    proxyConfiguration:protocol
StringThe proxy protocol being used.
  dnsIpAddresses
String arrayList of IP addresses.
  network:vpnConfiguration
JSONVPN information, if one exists.
    vpnConfiguration:localAddress
StringThe local IP address of the device within the VPN network.
    vpnConfiguration:remoteAddress
StringThe remote IP address of the device.
  network:accessPointHostName
StringThe wireless network access point host.
  network:connected
BooleanWhether the device is connected to the listed network.

* Field omitted if privacy controls are enabled.

Last updated: September 30, 2024

lookout-footer

Legal Privacy Policy Cookie Policy Transparency Report Compliance Info Compliance Info (Gov)

© 2024 Lookout, Inc. LOOKOUT®, the Lookout Shield Design®, LOOKOUT with Shield Design® and the Lookout multi-color/multi-shaded Wingspan Design® are registered trademarks of Lookout, Inc. in the United States and other countries. DAY OF SHECURITY®, LOOKOUT MOBILE SECURITY®, and POWERED BY LOOKOUT® are registered trademarks of Lookout, Inc. in the United States. Lookout, Inc. maintains common law trademark rights in EVERYTHING IS OK, PROTECTED BY LOOKOUT, CIPHERCLOUD, and the 4 Bar Shield Design.