Diffstat (limited to 'tests/result/netflix.pcap.out')
-rw-r--r-- | tests/result/netflix.pcap.out | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/tests/result/netflix.pcap.out b/tests/result/netflix.pcap.out
index 700ba9203..238dfc640 100644
--- a/tests/result/netflix.pcap.out
+++ b/tests/result/netflix.pcap.out
@@ -64,17 +64,17 @@ JA3 Host Stats: 45 TCP 192.168.1.7:53250 <-> 52.41.30.5:443 [proto: 91.133/TLS.NetFlix][Encrypted][Confidence: DPI][cat: Video/26][10 pkts/2830 bytes <-> 7 pkts/2484 bytes][Goodput ratio: 76/81][0.21 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: 0.065 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 26/20 92/54 34/22][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 283/355 1450/1066 419/413][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 12,12,0,0,12,0,12,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,12,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0] 46 TCP 192.168.1.7:53117 <-> 52.32.196.36:443 [proto: 91.133/TLS.NetFlix][Encrypted][Confidence: DPI][cat: Video/26][12 pkts/1294 bytes <-> 8 pkts/1723 bytes][Goodput ratio: 39/69][30.71 sec][Hostname/SNI: api-global.netflix.com][bytes ratio: -0.142 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 3064/6120 30486/30536 9141/12208][Pkt Len c2s/s2c min/avg/max/stddev: 60/66 108/215 309/989 83/296][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: 7e72698146290dd68239f788a452e7d8][JA3S: 303951d4c50efb2e991652225a6f02b1][Firefox][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 25,12,12,0,12,0,12,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 47 UDP 192.168.1.7:53776 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][16 pkts/2648 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][79.13 sec][Hostname/SNI: 239.255.255.250:1900][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 105/0 4588/0 14907/0 6547/0][Pkt Len c2s/s2c min/avg/max/stddev: 164/0 166/0 167/0 2/0][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 48 
UDP 192.168.1.7:51543 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][ClearText][Confidence: DPI][cat: Video/26][2 pkts/160 bytes <-> 2 pkts/646 bytes][Goodput ratio: 47/87][0.02 sec][Hostname/SNI: ios.nccp.netflix.com][54.191.17.51][PLAIN TEXT (netflix)][Plen Bins: 0,50,0,0,0,0,0,25,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 49 UDP 192.168.1.7:51622 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][ClearText][Confidence: DPI][cat: Video/26][2 pkts/160 bytes <-> 2 pkts/646 bytes][Goodput ratio: 47/87][0.04 sec][Hostname/SNI: ios.nccp.netflix.com][52.32.22.214][PLAIN TEXT (netflix)][Plen Bins: 0,50,0,0,0,0,0,25,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 50 UDP 192.168.1.7:52347 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][ClearText][Confidence: DPI][cat: Video/26][1 pkts/80 bytes <-> 1 pkts/371 bytes][Goodput ratio: 47/88][0.04 sec][Hostname/SNI: ios.nccp.netflix.com][2620:108:700f::3428:72a3][PLAIN TEXT (netflix)][Plen Bins: 0,50,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 51 UDP 192.168.1.7:60962 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][ClearText][Confidence: DPI][cat: Video/26][1 pkts/83 bytes <-> 1 pkts/248 bytes][Goodput ratio: 49/83][0.02 sec][Hostname/SNI: ichnaea.geo.netflix.com][52.37.36.252][PLAIN TEXT (ichnaea)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 52 UDP 192.168.1.7:51949 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][ClearText][Confidence: DPI][cat: Video/26][1 pkts/97 bytes <-> 1 pkts/225 bytes][Goodput ratio: 56/81][0.02 sec][Hostname/SNI: api-global.latency.prodaa.netflix.com][52.89.39.139][PLAIN TEXT (global)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 53 UDP 192.168.1.7:52095 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][ClearText][Confidence: DPI][cat: Video/26][1 pkts/97 
bytes <-> 1 pkts/225 bytes][Goodput ratio: 56/81][0.03 sec][Hostname/SNI: api-global.latency.prodaa.netflix.com][52.41.30.5][PLAIN TEXT (global)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 54 UDP 192.168.1.7:52116 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][ClearText][Confidence: DPI][cat: Video/26][1 pkts/96 bytes <-> 1 pkts/224 bytes][Goodput ratio: 56/81][0.00 sec][Hostname/SNI: ichnaea.us-west-2.prodaa.netflix.com][54.69.204.241][PLAIN TEXT (ichnaea)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 55 UDP 192.168.1.7:58102 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][ClearText][Confidence: DPI][cat: Video/26][1 pkts/79 bytes <-> 1 pkts/192 bytes][Goodput ratio: 46/78][0.02 sec][Hostname/SNI: appboot.netflix.com][54.201.191.132][PLAIN TEXT (appboot)][Plen Bins: 0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 56 UDP 192.168.1.7:59180 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][ClearText][Confidence: DPI][cat: Video/26][1 pkts/84 bytes <-> 1 pkts/148 bytes][Goodput ratio: 49/71][0.01 sec][Hostname/SNI: artwork.akam.nflximg.net][184.25.204.25][PLAIN TEXT (artwork)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 57 UDP 192.168.1.7:57719 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][ClearText][Confidence: DPI][cat: Video/26][1 pkts/85 bytes <-> 1 pkts/137 bytes][Goodput ratio: 50/69][0.02 sec][Hostname/SNI: sha2.san.akam.nflximg.net][104.86.97.179][PLAIN TEXT (akamaiedge)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 58 UDP 192.168.1.7:57093 <-> 192.168.1.1:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/81 bytes <-> 1 pkts/113 bytes][Goodput ratio: 48/62][0.02 sec][Hostname/SNI: a1907.dscg.akamai.net][184.25.204.10][PLAIN TEXT 
(akamai)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 59 UDP 192.168.1.7:51728 <-> 192.168.1.1:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/80 bytes <-> 1 pkts/112 bytes][Goodput ratio: 47/62][0.02 sec][Hostname/SNI: a803.dscg.akamai.net][184.25.204.24][PLAIN TEXT (akamai)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 48 UDP 192.168.1.7:51543 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][ClearText][Confidence: DPI][cat: Video/26][2 pkts/160 bytes <-> 2 pkts/646 bytes][Goodput ratio: 47/87][0.02 sec][Hostname/SNI: ios.nccp.netflix.com][54.191.17.51][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 111][PLAIN TEXT (netflix)][Plen Bins: 0,50,0,0,0,0,0,25,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 49 UDP 192.168.1.7:51622 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][ClearText][Confidence: DPI][cat: Video/26][2 pkts/160 bytes <-> 2 pkts/646 bytes][Goodput ratio: 47/87][0.04 sec][Hostname/SNI: ios.nccp.netflix.com][52.32.22.214][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 33][PLAIN TEXT (netflix)][Plen Bins: 0,50,0,0,0,0,0,25,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 50 UDP 192.168.1.7:52347 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][ClearText][Confidence: DPI][cat: Video/26][1 pkts/80 bytes <-> 1 pkts/371 bytes][Goodput ratio: 47/88][0.04 sec][Hostname/SNI: ios.nccp.netflix.com][2620:108:700f::3428:72a3][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 98][PLAIN TEXT (netflix)][Plen Bins: 0,50,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 51 UDP 192.168.1.7:60962 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][ClearText][Confidence: DPI][cat: Video/26][1 pkts/83 bytes <-> 1 
pkts/248 bytes][Goodput ratio: 49/83][0.02 sec][Hostname/SNI: ichnaea.geo.netflix.com][52.37.36.252][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 12][PLAIN TEXT (ichnaea)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 52 UDP 192.168.1.7:51949 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][ClearText][Confidence: DPI][cat: Video/26][1 pkts/97 bytes <-> 1 pkts/225 bytes][Goodput ratio: 56/81][0.02 sec][Hostname/SNI: api-global.latency.prodaa.netflix.com][52.89.39.139][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 58][PLAIN TEXT (global)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 53 UDP 192.168.1.7:52095 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][ClearText][Confidence: DPI][cat: Video/26][1 pkts/97 bytes <-> 1 pkts/225 bytes][Goodput ratio: 56/81][0.03 sec][Hostname/SNI: api-global.latency.prodaa.netflix.com][52.41.30.5][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 43][PLAIN TEXT (global)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 54 UDP 192.168.1.7:52116 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][ClearText][Confidence: DPI][cat: Video/26][1 pkts/96 bytes <-> 1 pkts/224 bytes][Goodput ratio: 56/81][0.00 sec][Hostname/SNI: ichnaea.us-west-2.prodaa.netflix.com][54.69.204.241][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 1][PLAIN TEXT (ichnaea)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 55 UDP 192.168.1.7:58102 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][ClearText][Confidence: DPI][cat: Video/26][1 pkts/79 bytes <-> 1 pkts/192 bytes][Goodput ratio: 46/78][0.02 sec][Hostname/SNI: appboot.netflix.com][54.201.191.132][Risk: ** Suspicious DNS Traffic 
**][Risk Score: 100][Risk Info: Low DNS Record TTL 109][PLAIN TEXT (appboot)][Plen Bins: 0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 56 UDP 192.168.1.7:59180 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][ClearText][Confidence: DPI][cat: Video/26][1 pkts/84 bytes <-> 1 pkts/148 bytes][Goodput ratio: 49/71][0.01 sec][Hostname/SNI: artwork.akam.nflximg.net][184.25.204.25][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 83][PLAIN TEXT (artwork)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 57 UDP 192.168.1.7:57719 <-> 192.168.1.1:53 [proto: 5.133/DNS.NetFlix][ClearText][Confidence: DPI][cat: Video/26][1 pkts/85 bytes <-> 1 pkts/137 bytes][Goodput ratio: 50/69][0.02 sec][Hostname/SNI: sha2.san.akam.nflximg.net][104.86.97.179][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 32][PLAIN TEXT (akamaiedge)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 58 UDP 192.168.1.7:57093 <-> 192.168.1.1:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/81 bytes <-> 1 pkts/113 bytes][Goodput ratio: 48/62][0.02 sec][Hostname/SNI: a1907.dscg.akamai.net][184.25.204.10][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 12][PLAIN TEXT (akamai)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 59 UDP 192.168.1.7:51728 <-> 192.168.1.1:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/80 bytes <-> 1 pkts/112 bytes][Goodput ratio: 47/62][0.02 sec][Hostname/SNI: a803.dscg.akamai.net][184.25.204.24][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 12][PLAIN TEXT (akamai)][Plen Bins: 
0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 60 TCP 192.168.1.7:52929 -> 52.24.87.6:443 [proto: 91.265/TLS.AmazonAWS][Encrypted][Confidence: Match by IP][cat: Cloud/13][2 pkts/126 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][14.20 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 61 IGMP 192.168.1.7:0 -> 239.255.255.250:0 [proto: 82/IGMP][ClearText][Confidence: DPI][cat: Network/14][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |