aboutsummaryrefslogtreecommitdiff
path: root/tests/cfgs/default/result/nintendo.pcap.out
blob: abc0710b1ab8134441b3a10c9cbb8669728072e5 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62

Guessed flow protos:	6

DPI Packets (TCP):	18	(4.50 pkts/flow)
DPI Packets (UDP):	32	(2.13 pkts/flow)
DPI Packets (other):	2	(1.00 pkts/flow)
Confidence Match by port    : 1 (flows)
Confidence DPI              : 15 (flows)
Confidence Match by IP      : 5 (flows)
Num dissector calls: 1301 (61.95 diss/flow)
LRU cache ookla:      0/0/0 (insert/search/found)
LRU cache bittorrent: 0/18/0 (insert/search/found)
LRU cache stun:       0/0/0 (insert/search/found)
LRU cache tls_cert:   0/0/0 (insert/search/found)
LRU cache mining:     0/6/0 (insert/search/found)
LRU cache msteams:    0/0/0 (insert/search/found)
Automa host:          10/10 (search/found)
Automa domain:        10/0 (search/found)
Automa tls cert:      0/0 (search/found)
Automa risk mask:     3/0 (search/found)
Automa common alpns:  0/0 (search/found)
Patricia risk mask:   36/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk:        0/0 (search/found)
Patricia risk IPv6:   0/0 (search/found)
Patricia protocols:   32/10 (search/found)
Patricia protocols IPv6: 0/0 (search/found)

ICMP	30	2100	2
TLS	56	8595	2
Nintendo	890	320242	12
AmazonAWS	20	2216	5

Safe                            56 8595          2            
Acceptable                      50 4316          7            
Fun                            890 320242        12           

JA3 Host Stats: 
		 IP Address                  	 # JA3C     
	1	 192.168.12.114           	 1      


	1	UDP 192.168.12.114:55915 <-> 185.118.169.65:27520 [proto: 173/Nintendo][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Game/8][169 pkts/61414 bytes <-> 278 pkts/126260 bytes][Goodput ratio: 88/91][5.90 sec][bytes ratio: -0.346 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 34/17 311/242 44/19][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 363/454 886/886 191/118][Plen Bins: 0,2,24,2,0,0,0,0,0,0,0,0,0,63,6,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	2	UDP 192.168.12.114:55915 <-> 93.237.131.235:56066 [proto: 173/Nintendo][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Game/8][122 pkts/48332 bytes <-> 35 pkts/5026 bytes][Goodput ratio: 89/71][5.68 sec][bytes ratio: 0.812 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 45/77 607/506 66/117][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 396/144 1254/886 210/128][Plen Bins: 0,5,35,3,1,0,0,0,0,0,0,0,0,51,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0]
	3	UDP 192.168.12.114:55915 <-> 81.61.158.138:51769 [proto: 173/Nintendo][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Game/8][122 pkts/46476 bytes <-> 38 pkts/5268 bytes][Goodput ratio: 89/70][5.49 sec][bytes ratio: 0.796 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 40/76 313/318 40/84][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 381/139 886/886 193/124][PLAIN TEXT (FutwCa)][Plen Bins: 0,7,38,1,1,0,0,0,0,0,0,0,0,47,2,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	4	TCP 54.187.10.185:443 <-> 192.168.12.114:48328 [proto: 91/TLS][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][DPI packets: 2][cat: Web/5][34 pkts/4466 bytes <-> 20 pkts/4021 bytes][Goodput ratio: 50/67][21.54 sec][bytes ratio: 0.052 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 728/1409 14019/13944 2636/3582][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 131/201 400/983 86/219][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TLS/QUIC Probing][Plen Bins: 0,58,5,15,0,2,0,8,0,2,2,0,2,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	5	TCP 192.168.12.114:41517 <-> 54.192.27.217:443 [proto: 91.173/TLS.Nintendo][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][DPI packets: 7][cat: Game/8][11 pkts/2898 bytes <-> 10 pkts/4865 bytes][Goodput ratio: 75/86][0.56 sec][Hostname/SNI: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][bytes ratio: -0.253 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 65/54 287/250 89/82][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 263/486 1414/1414 387/570][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: 200a99534ce50d35cf40cc3cce4c69b5][JA4: t12d260500_f64c77d06cfa_b289314254d8][ServerNames: *.baas.nintendo.com,baas.nintendo.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA][Subject: C=JP, ST=Kyoto, L=Minami-ku, O=Nintendo Co., Ltd., CN=*.baas.nintendo.com][Certificate SHA-1: 8A:0A:1D:D3:A8:96:7A:55:C5:75:B2:2B:3E:45:15:54:0A:B0:FC:94][Firefox][Validity: 2015-08-12 00:00:00 - 2018-08-15 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 10,10,0,10,0,0,10,0,0,10,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,30,0,0,0,0,0]
	6	TCP 192.168.12.114:31329 <-> 54.192.27.8:443 [proto: 91.173/TLS.Nintendo][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][DPI packets: 7][cat: Game/8][10 pkts/2833 bytes <-> 10 pkts/4866 bytes][Goodput ratio: 76/86][0.51 sec][Hostname/SNI: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][bytes ratio: -0.264 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 57/47 243/198 76/65][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 283/487 1414/1414 401/570][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TLSv1.2][JA3C: 200a99534ce50d35cf40cc3cce4c69b5][JA4: t12d260500_f64c77d06cfa_b289314254d8][ServerNames: *.baas.nintendo.com,baas.nintendo.com][JA3S: 699a80bdb17efe157c861f92c5bf5d1d][Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA][Subject: C=JP, ST=Kyoto, L=Minami-ku, O=Nintendo Co., Ltd., CN=*.baas.nintendo.com][Certificate SHA-1: 8A:0A:1D:D3:A8:96:7A:55:C5:75:B2:2B:3E:45:15:54:0A:B0:FC:94][Firefox][Validity: 2015-08-12 00:00:00 - 2018-08-15 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 10,10,0,10,0,0,10,0,0,10,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,30,0,0,0,0,0]
	7	UDP 192.168.12.114:52119 <-> 91.8.243.35:49432 [proto: 173/Nintendo][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Game/8][23 pkts/2682 bytes <-> 16 pkts/3408 bytes][Goodput ratio: 64/80][4.86 sec][bytes ratio: -0.119 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 232/89 514/507 225/142][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 117/213 230/854 27/243][Plen Bins: 0,41,43,5,2,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	8	UDP 192.168.12.114:52119 <-> 109.21.255.11:50251 [proto: 173/Nintendo][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Game/8][8 pkts/1024 bytes <-> 8 pkts/1024 bytes][Goodput ratio: 67/67][1.28 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 39/58 119/111 274/242 89/65][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 128/128 198/198 41/41][Plen Bins: 0,62,12,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	9	UDP 192.168.12.114:52119 <-> 134.3.248.25:56955 [proto: 173/Nintendo][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Game/8][8 pkts/1040 bytes <-> 7 pkts/922 bytes][Goodput ratio: 68/68][1.15 sec][bytes ratio: 0.060 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 9/17 108/127 288/286 109/90][Pkt Len c2s/s2c min/avg/max/stddev: 102/102 130/132 198/198 40/42][Plen Bins: 0,53,20,0,26,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	10	ICMP 151.6.184.100:0 -> 192.168.12.114:0 [proto: 81/ICMP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Network/14][21 pkts/1470 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][0.73 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 40/0 315/0 92/0][Pkt Len c2s/s2c min/avg/max/stddev: 70/0 70/0 70/0 0/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	11	UDP 192.168.12.114:10184 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Network/14][4 pkts/368 bytes <-> 4 pkts/400 bytes][Goodput ratio: 54/58][0.01 sec][Hostname/SNI: g2df33d01-lp1.p.srv.nintendo.net][52.10.205.177][bytes ratio: -0.042 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 4/4 4/4 5/5 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 92/92 92/100 92/108 0/8][PLAIN TEXT (nintendo)][Plen Bins: 0,75,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	12	UDP 192.168.12.114:52119 -> 52.10.205.177:34343 [proto: 265/AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by IP][DPI packets: 1][cat: Cloud/13][1 pkts/730 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 7.623 (Encrypted or Random?)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	13	ICMP 151.6.184.98:0 -> 192.168.12.114:0 [proto: 81/ICMP][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: Network/14][9 pkts/630 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][0.60 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 75/0 316/0 130/0][Pkt Len c2s/s2c min/avg/max/stddev: 70/0 70/0 70/0 0/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	14	UDP 192.168.12.114:55915 <-> 35.158.74.61:10025 [proto: 265/AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by IP][DPI packets: 7][cat: Cloud/13][5 pkts/290 bytes <-> 5 pkts/290 bytes][Goodput ratio: 27/27][0.06 sec][bytes ratio: 0.000 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1/1 4/3 2/1][Pkt Len c2s/s2c min/avg/max/stddev: 58/58 58/58 58/58 0/0][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	15	UDP 192.168.12.114:18874 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/110 bytes <-> 1 pkts/281 bytes][Goodput ratio: 61/85][0.03 sec][Hostname/SNI: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][54.192.27.217][PLAIN TEXT (fb203858ebc)][Plen Bins: 0,0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	16	UDP 192.168.12.114:51035 <-> 192.168.12.1:53 [proto: 5.173/DNS.Nintendo][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/110 bytes <-> 1 pkts/281 bytes][Goodput ratio: 61/85][< 1 sec][Hostname/SNI: e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com][54.192.27.8][PLAIN TEXT (fb203858ebc)][Plen Bins: 0,0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	17	UDP 192.168.12.114:52119 -> 35.158.74.61:33335 [proto: 173/Nintendo][IP: 265/AmazonAWS][ClearText][Confidence: DPI][DPI packets: 1][cat: Game/8][3 pkts/354 bytes -> 0 pkts/0 bytes][Goodput ratio: 64/0][0.00 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	18	UDP 192.168.12.114:55915 -> 35.158.74.61:33335 [proto: 265/AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by IP][DPI packets: 3][cat: Cloud/13][3 pkts/318 bytes -> 0 pkts/0 bytes][Goodput ratio: 60/0][0.00 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (NATTestId)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	19	UDP 192.168.12.114:55915 -> 52.10.205.177:34343 [proto: 265/AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by IP][DPI packets: 1][cat: Cloud/13][1 pkts/298 bytes -> 0 pkts/0 bytes][Goodput ratio: 86/0][< 1 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 6.886 (Compressed Executable?)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	20	UDP 192.168.12.114:55915 -> 35.158.74.61:33334 [proto: 265/AmazonAWS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by IP][DPI packets: 5][cat: Cloud/13][5 pkts/290 bytes -> 0 pkts/0 bytes][Goodput ratio: 27/0][0.00 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	21	TCP 192.168.12.114:11534 <-> 54.146.242.74:443 [proto: 91/TLS][IP: 265/AmazonAWS][Encrypted][Confidence: Match by port][DPI packets: 2][cat: Web/5][1 pkts/54 bytes <-> 1 pkts/54 bytes][Goodput ratio: 0/0][0.18 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Powered by cgit, Themed by Ted Yin.